Cloud edge integrated security architecture of new cloud manufacturing system

With the rapid development of cloud manufacturing technology and the new generation of artificial intelligence technology,the new cloud manufacturing system(NCMS)built on the connotation of cloud manufacturing 3.0 presents a new business model of“Internet of everything,intelligent leading,data driving,shared services,cross-border integration,and universal innovation”.The network boundaries are becoming increasingly blurred,NCMS is facing security risks such as equipment unauthorized use,account theft,static and extensive access control policies,unauthorized access,supply chain attacks,sensitive data leaks,and industrial control vulnerability attacks.Traditional security architectures mainly use information security technology,which cannot meet the active security protection requirements of NCMS.In order to solve the above problems,this paper proposes an integrated cloud-edge-terminal security system architecture of NCMS.It adopts the zero trust concept and effectively integrates multiple security capabilities such as network,equipment,cloud computing environment,application,identity,and data.It adopts a new access control mode of“continuous verification+dynamic authorization”,classified access control mechanisms such as attribute-based access control,rolebased access control,policy-based access control,and a new data security protection system based on blockchain,achieving“trustworthy subject identity,controllable access behavior,and effective protection of subject and object resources”.This architecture provides an active security protection method for NCMS in the digital transformation of large enterprises,and can effectively enhance network security protection capabilities and cope with increasingly severe network security situations.

A Holistic Secure Communication Mechanism Using a Multilayered Cryptographic Protocol to Enhanced Security

In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.

Machine Learning Security Defense Algorithms Based on Metadata Correlation Features

With the popularization of the Internet and the development of technology,cyber threats are increasing day by day.Threats such as malware,hacking,and data breaches have had a serious impact on cybersecurity.The network security environment in the era of big data presents the characteristics of large amounts of data,high diversity,and high real-time requirements.Traditional security defense methods and tools have been unable to cope with the complex and changing network security threats.This paper proposes a machine-learning security defense algorithm based on metadata association features.Emphasize control over unauthorized users through privacy,integrity,and availability.The user model is established and the mapping between the user model and the metadata of the data source is generated.By analyzing the user model and its corresponding mapping relationship,the query of the user model can be decomposed into the query of various heterogeneous data sources,and the integration of heterogeneous data sources based on the metadata association characteristics can be realized.Define and classify customer information,automatically identify and perceive sensitive data,build a behavior audit and analysis platform,analyze user behavior trajectories,and complete the construction of a machine learning customer information security defense system.The experimental results show that when the data volume is 5×103 bit,the data storage integrity of the proposed method is 92%.The data accuracy is 98%,and the success rate of data intrusion is only 2.6%.It can be concluded that the data storage method in this paper is safe,the data accuracy is always at a high level,and the data disaster recovery performance is good.This method can effectively resist data intrusion and has high air traffic control security.It can not only detect all viruses in user data storage,but also realize integrated virus processing,and further optimize the security defense effect of user big data.

Improving Smart Home Security via MQTT: Maximizing Data Privacy and Device Authentication Using Elliptic Curve Cryptography

The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.

Study on Security Technologies for Wireles Network Integration

The network integration provides users with a new network with long connection time and a high data rate when needed, but it also brings the defects of all the networks that integrate together into the integrated network. This will cause all kinds of existing and some new security problems in the operation of the integrated network. A complete protection based on recovery is proposed in the paper. It uses the public-key algorithm to authorize and private-key algorithm to encrypt the communicating data. This solution can provide the system with reliable security, and avoid Denial of Service (DoS) of the user. This solution has been proposed lately, and we should further identify the correct action of all the layers and figure out how to react when a legal node is framed by multiple malicious nodes.

Integration of urban and rural minimum living standard security system

With the acceleration of urbanization, the lifestyles and living expenses of farmers and urban residents is increasingly more and more similar .However, from the measures in terms of the minimum living guarantee, the level of protection of rural and urban residents really have a large gap. The Third Plenary Session of the 18th Central Committee noted ＂to promote urban and rural minimum living security system and rural development＂, ＂to speed up and improve the social security management system and operate the service system＂,These tell us that only to realize the integration of urban and rural subsistence allowances, improve the underpinning of the social security system, can we build a moderately prosperous society.

A Study on the Restricted Factors of the Integration of Urban and Rural Low- security in China

With the deepening of the national urban and rural development strategy and the development of urban and rural integration, all levels of government are committed to narrowing the gap between rural and urban subsistence allowances. However, the inherent urban and rural differences and path dependence determines the integration of urban and rural low-cost integration is far from the standard can be achieved, the institutional environment and the operating environment are not in the same starting line of the facts, determines the ＂integration＂ will need to go through a long period of time Time of urban and rural development can be gradually achieved. At present, China＇s widespread implementation of the distinction between urban and rural residents minimum riving security system, not only difficult to play its due security ftmction, but further exacerbated the vicious cycle of dual society, the economic and social development is extremely unfavorable.

Social Security audit integration path analysis

Nowadays, China has entered the aging countries sequence, reform and development of the social insurance system is facing more opportunities and challenges, which give the social insurance audit work of the new requirements. In practice, the social insurance audit work has encountered new conflicts and problems. Due to the socio-economic composition, organizational forms, forms of employment, interest, distribution relations have had a dramatic and profound change, labor relations was diversified, contract, complex features, social insurance premium is difficult, concealed drain Daily contribution base, have occurred impersonator false and social insurance benefits behavior. Loss of the social insurance fund is now urgently containment dike, to further regulate the social insurance audit work has become an important issue in the New Social Insurance Development. Therefore, we must establish a sound social security audit system, and promote the integration of social security audits, and thus be able to maintain the smooth progress of China＇s social insurance work.

Security integrated framework for semantic web based on social intelligence

An integrated security framework for a semantic web is proposed based on the social intelligence of an individual＇s avoiding harm and preserving transaction logic-integrity. The framework extends the semantic web model and controls the dynamic security of semantic web services, such as trust, logic and reasoning. It includes four layers, that is, a trust entrance layer, a social intelligence layer, a transaction layer, and a TCP/IP security protocols layer. The trust entrance layer deals with trustable features from users. Social intelligence layer is responsible for logical questions for a semantic web. The transaction layer carries out transaction reasoning. And the TCP/IP security protocols layer ensures security communication. These layers can cooperate to build closed-security-ring with different security grades. The integrated security framework provides an integrated security method for semantic web flow so that it is universal for various semantic web technologies.

Jamming-Aided Secure Communication in Ultra-Dense LEO Integrated Satellite-Terrestrial Networks

The ultra-dense low earth orbit(LEO)integrated satellite-terrestrial networks(UDLEO-ISTN)can bring lots of benefits in terms of wide coverage,high capacity,and strong robustness.Meanwhile,the broadcasting and open natures of satellite links also reveal many challenges for transmission security protection,especially for eavesdropping defence.How to efficiently take advantage of the LEO satellite’s density and ensure the secure communication by leveraging physical layer security with the cooperation of jammers deserves further investigation.To our knowledge,using satellites as jammers in UDLEO-ISTN is still a new problem since existing works mainly focused on this issue only from the aspect of terrestrial networks.To this end,we study in this paper the cooperative secrecy communication problem in UDLEOISTN by utilizing several satellites to send jamming signal to the eavesdroppers.An iterative scheme is proposed as our solution to maximize the system secrecy energy efficiency(SEE)via jointly optimizing transmit power allocation and user association.Extensive experiment results verify that our designed optimization scheme can significantly enhance the system SEE and achieve the optimal power allocation and user association strategies.

Blockchain Based Secure Relay Scheme for Space-Terrestrial Integrated Networks

The future 6G networks will integrates space and terrestrial networks to realize a fully connected world with extensive collaboration.However,how to build trust between multiple parties is a difficult problem for secure cooperation without a reliable third-party.Blockchain is a promising technology to solve this problem by converting the trust between multi-parties to the trust to the common shared data.Several works have proposed to apply the incentive mechanism in blockchain to encourage effective cooperation,but how to evaluate the cooperation performance and avoid breach of contract is not discussed.In this paper,a secure relay scheme is proposed based on the consortium blockchain system composed by different operators.In particular,smart contract checks the integrity of the message based on RSA accumulator,and executes transactions automatically when the message is delivered successfully.Detailed procedures are introduced for both uplink and downlink relay.Implementation based on Hyperledger Fabric proves the effectiveness of the proposed scheme and shows that the complexity of the scheme is low enough for practical deployment.

Integrated Evaluation of Ecological Security at Different Scales Using Remote Sensing: A Case Study of Zhongxian County, the Three Gorges Area, China

Based on related literature and this research, an ecological security evaluation from the pixel scale to the small watershed or county scale was presented using remote sensing data and related models. With the driver-pressure, state and exposure to pollution-response （DPSER） model as a basis, a conceptual framework of regional ecological evaluation and an index system were established. The extraction and standardization of evaluation indices were carried out with GIS techniques, an information extraction model and a data standardization model. The conversion of regional ecological security results from the pixel scale to a small watershed or county scale was obtained with an evaluation model and a scaling model. Two conceptual scale conversion models of regional ecological security from the pixel scale to the county scale were proposed： 1） scale conversion of ecological security regime results from plxel to small watershed; and 2） scale conversion from pixel to county. These research results could provide useful ideas for regional ecological security evaluation as well as ecological and environmental management.

Ensuring water security by utilizing roof-harvested rainwater and lake water treated with a low-cost integrated adsorption-filtration system

Drinking water is supplied through a centralized water supply system and may not be accessed by communities in rural areas of Malaysia.This study investigated the performance of a low-cost, self-prepared combined activated carbon and sand filtration(CACSF) system for roofharvested rainwater and lake water for potable use. Activated carbon was self-prepared using locally sourced coconut shell and was activated using commonly available salt rather than a high-tech procedure that requires a chemical reagent. The filtration chamber was comprised of local,readily available sand. The experiments were conducted with varying antecedent dry intervals(ADIs) of up to 15 d and lake water with varying initial chemical oxygen demand(COD) concentration. The CACSF system managed to produce effluents complying with the drinking water standards for the parameters p H, dissolved oxygen(DO), biochemical oxygen demand(BOD5), COD, total suspended solids(TSS), and ammonia nitrogen(NH_3-N). The CACSF system successfully decreased the population of Escherichia coli(E. coli) in the influents to less than 30 CFU/m L. Samples with a higher population of E. coli(that is, greater than 30 CFU/m L) did not show 100% removal. The system also showed high potential as an alternative for treated drinking water for roof-harvested rainwater and class II lake water.

Blockchain and Data Integrity Authentication Technique for Secure Cloud Environment

Nowadays,numerous applications are associated with cloud and user data gets collected globally and stored in cloud units.In addition to shared data storage,cloud computing technique offers multiple advantages for the user through different distribution designs like hybrid cloud,public cloud,community cloud and private cloud.Though cloud-based computing solutions are highly con-venient to the users,it also brings a challenge i.e.,security of the data shared.Hence,in current research paper,blockchain with data integrity authentication technique is developed for an efficient and secure operation with user authentica-tion process.Blockchain technology is utilized in this study to enable efficient and secure operation which not only empowers cloud security but also avoids threats and attacks.Additionally,the data integrity authentication technique is also uti-lized to limit the unwanted access of data in cloud storage unit.The major objec-tive of the projected technique is to empower data security and user authentication in cloud computing environment.To improve the proposed authentication pro-cess,cuckoofilter and Merkle Hash Tree(MHT)are utilized.The proposed meth-odology was validated using few performance metrics such as processing time,uploading time,downloading time,authentication time,consensus time,waiting time,initialization time,in addition to storage overhead.The proposed method was compared with conventional cloud security techniques and the outcomes establish the supremacy of the proposed method.

ESMD-Flow: An Intelligent Flow Forwarding Scheme with Endogenous Security Based on Mimic Defense in Space-Air-Ground Integrated Network

The Space-Air-Ground Integrated Network(SAGIN) realizes the integration of space, air,and ground networks, obtaining the global communication coverage.Software-Defined Networking(SDN) architecture in SAGIN has become a promising solution to guarantee the Quality of Service(QoS).However, the current routing algorithms mainly focus on the QoS of the service, rarely considering the security requirement of flow. To realize the secure transmission of flows in SAGIN, we propose an intelligent flow forwarding scheme with endogenous security based on Mimic Defense(ESMD-Flow). In this scheme, SDN controller will evaluate the reliability of nodes and links, isolate malicious nodes based on the reliability evaluation value, and adapt multipath routing strategy to ensure that flows are always forwarded along the most reliable multiple paths. In addition, in order to meet the security requirement of flows, we introduce the programming data plane to design a multiprotocol forwarding strategy for realizing the multiprotocol dynamic forwarding of flows. ESMD-Flow can reduce the network attack surface and improve the secure transmission capability of flows by implementing multipath routing and multi-protocol hybrid forwarding mechanism. The extensive simulations demonstrate that ESMD-Flow can significantly improve the average path reliability for routing and increase the difficulty of network eavesdropping while improving the network throughput and reducing the average packet delay.

Promoting Common Prosperity through Urban-Rural Integration: Practical Challenges, Institutional Logic, and Progressive Approaches for the Social Security System

Urban-rural integration serves as a pragmatic strategy for developing social security in China,while promoting common prosperity represents a value-driven choice.Moving from urban-rural integration toward promoting common prosperity,the social security system faces several practical challenges,including limited medical and healthcare resources,disparities in social insurance benefits,inadequacies in socialassistancelevels,and deficiencies in social welfare expenditures.To overcome these challenges,a gradual practical approach has been formed based on three institutional logics:the institutional integration logic for bridging the gap,the institutional adaptability logic for enhancing resilience,and the institutional enhancement logic for empowering prosperity.This approach involves a progression from management integration to institutional alignment and system integration.Promotion of common prosperity through urban-rural integration not only provides a practical perspective and realistic depiction of China's unique social security system but also encompasses the institutional civilization and value implications associated with the development of social security in China.

Securing Fog Computing For E-Learning System Using Integration of Two Encryption Algorithms

Currently,the majority of institutions have made use of information technologies to improve and develop their diverse educational methods to attract more learners.Through information technologies,e-learning and learning-on-the go have been adopted by the institutions to provide affordability and flexibility of educational services.Most of the educational institutes are offering online teaching classes using the technologies like cloud computing,networking,etc.Educational institutes have developed their e-learning platforms for the online learning process,through this way they have paved the way for distance learning.But e-learning platform has to face a lot of security challenges in terms of cyberattacks and data hacking through unauthorized access.Fog computing is one of the new technologies that facilitate control over access to big data,as it acts as a mediator between the cloud and the user to bring services closer and reduce their latency.This report presents the use of fog computing for the development of an e-learning platform.and introduced different algorithms to secure the data and information sharing through e-learning platforms.Moreover,this report provides a comparison among RSA,AES,and ECC algorithms for fog-enabled cybersecurity systems.These Algorithms are compared by developing them using python-based language program,in terms of encryption/decryption time,key generations techniques,and other features offered.In addition,we proposed to use a hybrid cryptography system of two types of encryption algorithms such as RSA with AES to fulfill the security,file size,and latency required for the communication between the fog and the e-learning system.we tested our proposed system and highlight the pros and cons of the Integrated Encryption Schemes by performing a testbed for e-learning website scenario using ASP.net and C#.

Block Level Data Integrity Assurance Using Matrix Dialing Method towards High Performance Data Security on Cloud Storage

Data outsourcing through cloud storage enables the users to share on-demand resources with cost effective IT services but several security issues arise like confidentiality, integrity and authentication. Each of them plays an important role in the successful achievement of the other. In cloud computing data integrity assurance is one of the major challenges because the user has no control over the security mechanism to protect the data. Data integrity insures that data received are the same as data stored. It is a result of data security but data integrity refers to validity and accuracy of data rather than protect the data. Data security refers to protection of data against unauthorized access, modification or corruption and it is necessary to ensure data integrity. This paper proposed a new approach using Matrix Dialing Method in block level to enhance the performance of both data integrity and data security without using Third Party Auditor (TPA). In this approach, the data are partitioned into number of blocks and each block converted into a square matrix. Determinant factor of each matrix is generated dynamically to ensure data integrity. This model also implements a combination of AES algorithm and SHA-1 algorithm for digital signature generation. Data coloring on digital signature is applied to ensure data security with better performance. The performance analysis using cloud simulator shows that the proposed scheme is highly efficient and secure as it overcomes the limitations of previous approaches of data security using encryption and decryption algorithms and data integrity assurance using TPA due to server computation time and accuracy.

基于WS-Security规范的网格安全技术的研究

本文分析了网格信息传输的机密性、完整性和不可否认性,探讨了GridGSI与WS-Security技术相融合的机制,提出了基于WS-Security规范的网格安全系统的设计思路与解决方案。

Evaluation and scenario simulation for forest ecological security in China

Continuously growing populations and rapid economic development have led to the excessive use of forest resources,and the forest ecosystem is threatened.In response,forest ecological security(FES)has attracted attention.In this study,an integrated dynamic simulation model was constructed using the system dynamic method,and it was used to evaluate the FES in China from 1999 to 2014.A scenario analysis was then used to evaluate the changes in the FES under five forestry policy scenarios for the 2015–2050 period,including the baseline,afforestation policy,harvesting policies,management policy,investment policy,and a policy mix.The results showed that the evaluation values of the FES increased during the period from 1999 to 2002,the period from 2004 to 2010 and the year 2014,and they decreased in 2003 and during the period from 2011 to 2013.During the 2015–2050 simulation period,the FES improved continuously.In particular,China would enter a new stage when the economic systems,social systems and ecosystems were in harmony after 2040.To improve the FES and the current status of the FES,a scenario analysis showed the most suitable scenario to be Scenario 5 from 2015 to 2020 and Scenario 2 from 2021 to 2050.To relieve pressure,the most suitable scenario would be Scenario 5 from 2015 to 2040 and from 2046 to 2050,and the most suitable scenario would be Scenario 4 for 2041–2045.A policy mix(Scenario 5)would be most efficient under current conditions,while the effects of all the benefits of the forestry policies would weaken over the long term.The integrated method can be regarded as a decision support tool to help policy makers understand FES and promulgate a reasonable forestry policy.