Dynamic spectrum access(DSA) based on cognitive radios(CR) technique is an effective approach to address the "spectrum scarcity" issue. However, traditional CR-enabled DSA system employs only single DSA stra...Dynamic spectrum access(DSA) based on cognitive radios(CR) technique is an effective approach to address the "spectrum scarcity" issue. However, traditional CR-enabled DSA system employs only single DSA strategy, which might not be suited to the dynamic network environment. In this paper, we propose a multi-strategy DSA(MS-DSA) system, where the primary and the secondary system share spectrum resources with multiple DSA strategies simultaneously. To analyze the performance of the proposed MS-DSA system, we model it as a continuous-time Markov chain(CTMC) and derive the expressions to compute the corresponding performance metrics. Based on this, we define a utility function involving the concerns of effective throughput, interference quantity on primary users, and spectrum leasing cost. Two optimization schemes, named as spectrum allocation and false alarm probability selection, are proposed to maximize the utility function. Finally, numerical simulations are provided to validate our analysis and demonstrate that the performance can be significantly improved caused by virtues of the proposed MS-DSA system.展开更多
5G is a new generation of mobile networking that aims to achieve unparalleled speed and performance. To accomplish this, three technologies, Device-to-Device communication (D2D), multi-access edge computing (MEC) and ...5G is a new generation of mobile networking that aims to achieve unparalleled speed and performance. To accomplish this, three technologies, Device-to-Device communication (D2D), multi-access edge computing (MEC) and network function virtualization (NFV) with ClickOS, have been a significant part of 5G, and this paper mainly discusses them. D2D enables direct communication between devices without the relay of base station. In 5G, a two-tier cellular network composed of traditional cellular network system and D2D is an efficient method for realizing high-speed communication. MEC unloads work from end devices and clouds platforms to widespread nodes, and connects the nodes together with outside devices and third-party providers, in order to diminish the overloading effect on any device caused by enormous applications and improve users’ quality of experience (QoE). There is also a NFV method in order to fulfill the 5G requirements. In this part, an optimized virtual machine for middle-boxes named ClickOS is introduced, and it is evaluated in several aspects. Some middle boxes are being implemented in the ClickOS and proved to have outstanding performances.展开更多
In most existing CP-ABE schemes, there is only one authority in the system and all the public keys and private keys are issued by this authority, which incurs ciphertext size and computation costs in the encryption an...In most existing CP-ABE schemes, there is only one authority in the system and all the public keys and private keys are issued by this authority, which incurs ciphertext size and computation costs in the encryption and decryption operations that depend at least linearly on the number of attributes involved in the access policy. We propose an efficient multi-authority CP-ABE scheme in which the authorities need not interact to generate public information during the system initialization phase. Our scheme has constant ciphertext length and a constant number of pairing computations. Our scheme can be proven CPA-secure in random oracle model under the decision q-BDHE assumption. When user's attributes revocation occurs, the scheme transfers most re-encryption work to the cloud service provider, reducing the data owner's computational cost on the premise of security. Finally the analysis and simulation result show that the schemes proposed in this thesis ensure the privacy and secure access of sensitive data stored in the cloud server, and be able to cope with the dynamic changes of users' access privileges in large-scale systems. Besides, the multi-authority ABE eliminates the key escrow problem, achieves the length of ciphertext optimization and enhances the effi ciency of the encryption and decryption operations.展开更多
At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access con...At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access control (MAC) and MLS in virtual machine system,this paper designs Virt-BLP model,which is based on BLP model.For the distinction between virtual machine system and non-virtualized system,we build elements and security axioms of Virt-BLP model by modifying those of BLP.Moreover,comparing with BLP,the number of state transition rules of Virt-BLP is reduced accordingly and some rules can only be enforced by trusted subject.As a result,Virt-BLP model supports MAC and partial discretionary access control (DAC),well satisfying the requirement of MLS in virtual machine system.As space is limited,the implementation of our MAC framework will be shown in a continuation.展开更多
The truncated binary exponential back-off algorithm is one of the most effective methods applied in collision resolution process of random multi-access channel.In this study,two new strategies are presented to improve...The truncated binary exponential back-off algorithm is one of the most effective methods applied in collision resolution process of random multi-access channel.In this study,two new strategies are presented to improve the capability of the truncated binary exponential back-off algorithm.In the new strategies,the sizes of the initial window size or the operating window sizes are adjusted dynamically,which always bring a significant improvement for the self-adaptability of the original algorithm.A series of experiments are simulated and the results verify that the new strategies can make the implementation more stable and effective than the original algorithm.展开更多
In this paper, a hybrid orthogonal and random multiple access scheme with improved performance for capacity-enhanced downlink Code-Division Multiple-Access (CDMA) systems is presented, which is in fact a combination o...In this paper, a hybrid orthogonal and random multiple access scheme with improved performance for capacity-enhanced downlink Code-Division Multiple-Access (CDMA) systems is presented, which is in fact a combination of the conventional orthogonal spreading scheme and the synchronous Interleave Division Multiple Access (IDMA) scheme. The proposed scheme can achieve near single user performance for very large number of users by the iterative turbo like detection. Analysis and simulation results show that the proposed scheme performs better than the synchronous IDMA scheme for the same time complexity. Meanwhile, larger capacity can be provided compared with the conventional orthogonal schemes.展开更多
The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Bas...The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.展开更多
基金supported in part by the National Natural Sciences Foundation of China (NSFC) under Grant 61525103the National Natural Sciences Foundation of China under Grant 61501140the Shenzhen Fundamental Research Project under Grant JCYJ20150930150304185
文摘Dynamic spectrum access(DSA) based on cognitive radios(CR) technique is an effective approach to address the "spectrum scarcity" issue. However, traditional CR-enabled DSA system employs only single DSA strategy, which might not be suited to the dynamic network environment. In this paper, we propose a multi-strategy DSA(MS-DSA) system, where the primary and the secondary system share spectrum resources with multiple DSA strategies simultaneously. To analyze the performance of the proposed MS-DSA system, we model it as a continuous-time Markov chain(CTMC) and derive the expressions to compute the corresponding performance metrics. Based on this, we define a utility function involving the concerns of effective throughput, interference quantity on primary users, and spectrum leasing cost. Two optimization schemes, named as spectrum allocation and false alarm probability selection, are proposed to maximize the utility function. Finally, numerical simulations are provided to validate our analysis and demonstrate that the performance can be significantly improved caused by virtues of the proposed MS-DSA system.
文摘5G is a new generation of mobile networking that aims to achieve unparalleled speed and performance. To accomplish this, three technologies, Device-to-Device communication (D2D), multi-access edge computing (MEC) and network function virtualization (NFV) with ClickOS, have been a significant part of 5G, and this paper mainly discusses them. D2D enables direct communication between devices without the relay of base station. In 5G, a two-tier cellular network composed of traditional cellular network system and D2D is an efficient method for realizing high-speed communication. MEC unloads work from end devices and clouds platforms to widespread nodes, and connects the nodes together with outside devices and third-party providers, in order to diminish the overloading effect on any device caused by enormous applications and improve users’ quality of experience (QoE). There is also a NFV method in order to fulfill the 5G requirements. In this part, an optimized virtual machine for middle-boxes named ClickOS is introduced, and it is evaluated in several aspects. Some middle boxes are being implemented in the ClickOS and proved to have outstanding performances.
基金supported by National Natural Science Foundation of China under Grant No.60873231Natural Science Foundation of Jiangsu Province under Grant No.BK2009426+1 种基金Major State Basic Research Development Program of China under Grant No.2011CB302903Key University Science Research Project of Jiangsu Province under Grant No.11KJA520002
文摘In most existing CP-ABE schemes, there is only one authority in the system and all the public keys and private keys are issued by this authority, which incurs ciphertext size and computation costs in the encryption and decryption operations that depend at least linearly on the number of attributes involved in the access policy. We propose an efficient multi-authority CP-ABE scheme in which the authorities need not interact to generate public information during the system initialization phase. Our scheme has constant ciphertext length and a constant number of pairing computations. Our scheme can be proven CPA-secure in random oracle model under the decision q-BDHE assumption. When user's attributes revocation occurs, the scheme transfers most re-encryption work to the cloud service provider, reducing the data owner's computational cost on the premise of security. Finally the analysis and simulation result show that the schemes proposed in this thesis ensure the privacy and secure access of sensitive data stored in the cloud server, and be able to cope with the dynamic changes of users' access privileges in large-scale systems. Besides, the multi-authority ABE eliminates the key escrow problem, achieves the length of ciphertext optimization and enhances the effi ciency of the encryption and decryption operations.
基金Acknowledgements This work was supported by National Key Basic Research and Development Plan (973 Plan) of China (No. 2007CB310900) and National Natural Science Foundation of China (No. 90612018, 90715030 and 60970008).
文摘At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access control (MAC) and MLS in virtual machine system,this paper designs Virt-BLP model,which is based on BLP model.For the distinction between virtual machine system and non-virtualized system,we build elements and security axioms of Virt-BLP model by modifying those of BLP.Moreover,comparing with BLP,the number of state transition rules of Virt-BLP is reduced accordingly and some rules can only be enforced by trusted subject.As a result,Virt-BLP model supports MAC and partial discretionary access control (DAC),well satisfying the requirement of MLS in virtual machine system.As space is limited,the implementation of our MAC framework will be shown in a continuation.
基金This work was supported by the National Natural Science Foundation of China(No.10371097).
文摘The truncated binary exponential back-off algorithm is one of the most effective methods applied in collision resolution process of random multi-access channel.In this study,two new strategies are presented to improve the capability of the truncated binary exponential back-off algorithm.In the new strategies,the sizes of the initial window size or the operating window sizes are adjusted dynamically,which always bring a significant improvement for the self-adaptability of the original algorithm.A series of experiments are simulated and the results verify that the new strategies can make the implementation more stable and effective than the original algorithm.
基金Supported by the National Natural Science Foundation of China (No.60402017/90604035)the Sichuan Youth Science Foundation (No.05ZQ026-026).
文摘In this paper, a hybrid orthogonal and random multiple access scheme with improved performance for capacity-enhanced downlink Code-Division Multiple-Access (CDMA) systems is presented, which is in fact a combination of the conventional orthogonal spreading scheme and the synchronous Interleave Division Multiple Access (IDMA) scheme. The proposed scheme can achieve near single user performance for very large number of users by the iterative turbo like detection. Analysis and simulation results show that the proposed scheme performs better than the synchronous IDMA scheme for the same time complexity. Meanwhile, larger capacity can be provided compared with the conventional orthogonal schemes.
基金Supported by the National Natural Science Foun-dation of China(60403027) the Natural Science Foundation of HubeiProvince(2005ABA258) the Open Foundation of State Key Labo-ratory of Software Engineering(SKLSE05-07)
文摘The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.
