How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, dat...How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST' s firewall reference model by adding a transmission unit modification function and an attribute value mapping function,describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.展开更多
Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenan...Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD PDM, an enterprise oriented product data management (PDM) system.展开更多
Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the serv...Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.展开更多
Discuss the problem of infinite increasing coin list in anonymous E-cash systems, which reduce the efficiency of whole system greatly. Though some methods are suggested, no one can solve the problem with high efficien...Discuss the problem of infinite increasing coin list in anonymous E-cash systems, which reduce the efficiency of whole system greatly. Though some methods are suggested, no one can solve the problem with high efficiency and flexibility. Here, we use the technique of adding information in blind signatures to deal with this problem. Through adding timestamp in signatures, we can separate the valid period of all used coins into pieces. Only the coins in the last stage are recorded. So the scale of the coins list is controlled. We also analyze the anonymity of these data, and add some indispensable restrictions to them. These restrictions can ensure that the imported data don’t break the anonymity of the customers. In order to fulfill these qualifications, we lead to the concept of restricted common data (RCD). Furthermore, we propose two schemes to add RCD in the blind signature. The simple one is easy to implement, while the complex one can note the value of the coin. The usage of RCD leads to little additional cost, as well as maintaining the anonymity of customers. This method fits for most kinds of anonymous E-cash systems.展开更多
In this paper, a robust digital watermarking method against shearing based on Haar orthogonal function system was introduced. The proposed method adopted the complete generalized orthogonal properties of Haar ortbogon...In this paper, a robust digital watermarking method against shearing based on Haar orthogonal function system was introduced. The proposed method adopted the complete generalized orthogonal properties of Haar ortbogonal function system to achieve the piece-based orthogonal transform on the image. The significant middle frequency coefficients in the transformation matrix are picked up, based on characteristics of the image visual system and the Haar orthogonal transform. The watermark is adoptively weighed to the middle frequency matrix. The method improves the validity of watermarking and shows excellent advantage against shearing attack. Experimental results show that the Haar orthogonal function system based watermark approach can provide an excellent protection under geometric attacks.展开更多
The technology of remote transaction mirror image is a feasible, low-investment and well-effect disaster backup scheme in finance business system. The basic idea, construction, working principles and characteristic of...The technology of remote transaction mirror image is a feasible, low-investment and well-effect disaster backup scheme in finance business system. The basic idea, construction, working principles and characteristic of remote transaction mirror image are presented in this paper. We analyze and compare similarities and differences among this disaster backup scheme and others usually used. The technology of remote transaction mirror image have the advantages such as less requiring of software and hardware system platform, low-investment, being able to control and restore lost data, insuring the data consistency and integrity.展开更多
文摘How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST' s firewall reference model by adding a transmission unit modification function and an attribute value mapping function,describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.
文摘Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD PDM, an enterprise oriented product data management (PDM) system.
文摘Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.
文摘Discuss the problem of infinite increasing coin list in anonymous E-cash systems, which reduce the efficiency of whole system greatly. Though some methods are suggested, no one can solve the problem with high efficiency and flexibility. Here, we use the technique of adding information in blind signatures to deal with this problem. Through adding timestamp in signatures, we can separate the valid period of all used coins into pieces. Only the coins in the last stage are recorded. So the scale of the coins list is controlled. We also analyze the anonymity of these data, and add some indispensable restrictions to them. These restrictions can ensure that the imported data don’t break the anonymity of the customers. In order to fulfill these qualifications, we lead to the concept of restricted common data (RCD). Furthermore, we propose two schemes to add RCD in the blind signature. The simple one is easy to implement, while the complex one can note the value of the coin. The usage of RCD leads to little additional cost, as well as maintaining the anonymity of customers. This method fits for most kinds of anonymous E-cash systems.
文摘In this paper, a robust digital watermarking method against shearing based on Haar orthogonal function system was introduced. The proposed method adopted the complete generalized orthogonal properties of Haar ortbogonal function system to achieve the piece-based orthogonal transform on the image. The significant middle frequency coefficients in the transformation matrix are picked up, based on characteristics of the image visual system and the Haar orthogonal transform. The watermark is adoptively weighed to the middle frequency matrix. The method improves the validity of watermarking and shows excellent advantage against shearing attack. Experimental results show that the Haar orthogonal function system based watermark approach can provide an excellent protection under geometric attacks.
基金This work was supported by"Shu Guang"project of Shanghai Municipal Education Commission and Shanghai Education Development Foundation (No.2002SG53) and was also supported by Science and Technology Foundation of Shanghai Higher Education (No.CL200222).
文摘The technology of remote transaction mirror image is a feasible, low-investment and well-effect disaster backup scheme in finance business system. The basic idea, construction, working principles and characteristic of remote transaction mirror image are presented in this paper. We analyze and compare similarities and differences among this disaster backup scheme and others usually used. The technology of remote transaction mirror image have the advantages such as less requiring of software and hardware system platform, low-investment, being able to control and restore lost data, insuring the data consistency and integrity.
