Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and th...Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.展开更多
PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer ...PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC (Role-based Access control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is deseribed in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.展开更多
Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained poli...Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.展开更多
Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain, the role delegation and role mappin...Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain, the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed.展开更多
Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenan...Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD PDM, an enterprise oriented product data management (PDM) system.展开更多
Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource.This paper analyzes the relatio...Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource.This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.展开更多
The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Bas...The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.展开更多
Access control in multi-domain environments is one of the important questions of building coalition between domains. On the basis of RBAC access control model, the concepts of role delegation and role mapping are prop...Access control in multi-domain environments is one of the important questions of building coalition between domains. On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization. Then, a distributed RBAC model is presented. Finally the implementation issues are discussed.展开更多
Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed “virtual organizations”. The heterogeneous, dynamic and multi-domain nature of these environments makes challengin...Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed “virtual organizations”. The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user’s environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.展开更多
The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based acc...The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based access control management which is relatively independent in the applied system. This management achieves the control on user's access by distribution and cancel of role-play,which is a better solution to the problems of the access control management for the applied system. Besides,a complete scheme for the realization of this access control was provided.展开更多
Role-based network embedding aims to embed role-similar nodes into a similar embedding space,which is widely used in graph mining tasks such as role classification and detection.Roles are sets of nodes in graph networ...Role-based network embedding aims to embed role-similar nodes into a similar embedding space,which is widely used in graph mining tasks such as role classification and detection.Roles are sets of nodes in graph networks with similar structural patterns and functions.However,the rolesimilar nodes may be far away or even disconnected from each other.Meanwhile,the neighborhood node features and noise also affect the result of the role-based network embedding,which are also challenges of current network embedding work.In this paper,we propose a Role-based network Embedding via Quantum walk with weighted Features fusion(REQF),which simultaneously considers the influence of global and local role information,node features,and noise.Firstly,we capture the global role information of nodes via quantum walk based on its superposition property which emphasizes the local role information via biased quantum walk.Secondly,we utilize the quantum walkweighted characteristic function to extract and fuse features of nodes and their neighborhood by different distributions which contain role information implicitly.Finally,we leverage the Variational Auto-Encoder(VAE)to reduce the effect of noise.We conduct extensive experiments on seven real-world datasets,and the results show that REQF is more effective at capturing role information in the network,which outperforms the best baseline by up to 14.6% in role classification,and 23% in role detection on average.展开更多
The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access cont...The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access control scheme is proposed.Firstly,writing the reputation value as an attribute into the access control policy,and then deploying the access control policy in the smart contract of the blockchain system can enable the system to provide more fine-grained access control;Secondly,storing a large amount of resources fromthe Internet of Things in Inter Planetary File System(IPFS)to improve system throughput;Finally,map resource access operations to qualification tokens to improve the performance of the access control system.Complete simulation experiments based on the Hyperledger Fabric platform.Fromthe simulation experimental results,it can be seen that the access control system can achieve more fine-grained and dynamic access control while maintaining high throughput and low time delay,providing sufficient reliability and security for access control of IoT devices.展开更多
Equal access to social infrastructures is a fundamental prerequisite for sustainable development,but has long been a great challenge worldwide.Previous studies have primarily focused on the accessibility to social inf...Equal access to social infrastructures is a fundamental prerequisite for sustainable development,but has long been a great challenge worldwide.Previous studies have primarily focused on the accessibility to social infras-tructures in urban areas across various scales,with less attention to rural areas,where inequality can be more severe.Particularly,few have investigated the disparities of accessibility to social infrastructures between urban and rural areas.Here,using the Changsha-Zhuzhou-Xiangtan urban agglomeration,China,as an example,we investigated the inequality of accessibility in both urban and rural areas,and further compared the urban-rural difference.Accessibility was measured by travel time of residents to infrastructures.We selected four types of social infrastructures including supermarkets,bus stops,primary schools,and health care,which were funda-mentally important to both urban and rural residents.We found large disparities in accessibility between urban and rural areas,ranging from 20 min to 2 h.Rural residents had to spend one to two more hours to bus stops than urban residents,and 20 min more to the other three types of infrastructures.Furthermore,accessibility to multiple infrastructures showed greater urban-rural differences.Rural residents in more than half of the towns had no access to any infrastructure within 15 min,while more than 60%of the urban residents could access to all infrastructures within 15 min.Our results revealed quantitative accessibility gap between urban and rural areas and underscored the necessity of social infrastructures planning to address such disparities.展开更多
Over the past few decades,the Internet has rapidly diffused across China.The spread of the Internet has had a profound economic and social impact on Chinese rural areas.Existing research shows that Internet access sig...Over the past few decades,the Internet has rapidly diffused across China.The spread of the Internet has had a profound economic and social impact on Chinese rural areas.Existing research shows that Internet access significantly impacts agricultural production and improves smallholder farmers’income.Beyond these,the Internet can affect other dimensions of social welfare.However,research about the impact of Internet access on dietary quality in rural China remains scarce.This study utilizes multi-period panel data from Fixed Observation Point in rural China from 2009 to 2015 to estimate the impact of Internet access on dietary quality and food consumption of rural households and conducts a causal analysis.Regression models with time and household fixed effects allow robust estimation while reducing potential issues of unobserved heterogeneity.The estimates show that Internet access has significantly increased rural household dietary quality(measured by the Chinese Diet Balance Index).Further research finds that Internet access has increased the consumption of animal products,such as aquatic and dairy products.We also examine the underlying mechanisms.Internet access improves dietary quality and food consumption mainly through increasing household income and food expenditure.These results encourage the promotion of Internet access as a valuable tool for nutritional improvements,especially in rural areas.展开更多
As the risks associated with air turbulence are intensified by climate change and the growth of the aviation industry,it has become imperative to monitor and mitigate these threats to ensure civil aviation safety.The ...As the risks associated with air turbulence are intensified by climate change and the growth of the aviation industry,it has become imperative to monitor and mitigate these threats to ensure civil aviation safety.The eddy dissipation rate(EDR)has been established as the standard metric for quantifying turbulence in civil aviation.This study aims to explore a universally applicable symbolic classification approach based on genetic programming to detect turbulence anomalies using quick access recorder(QAR)data.The detection of atmospheric turbulence is approached as an anomaly detection problem.Comparative evaluations demonstrate that this approach performs on par with direct EDR calculation methods in identifying turbulence events.Moreover,comparisons with alternative machine learning techniques indicate that the proposed technique is the optimal methodology currently available.In summary,the use of symbolic classification via genetic programming enables accurate turbulence detection from QAR data,comparable to that with established EDR approaches and surpassing that achieved with machine learning algorithms.This finding highlights the potential of integrating symbolic classifiers into turbulence monitoring systems to enhance civil aviation safety amidst rising environmental and operational hazards.展开更多
This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extens...This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extension of XACML.A-XACML is used as a simple,flexible way to express and enforce access control policies,especially attribute-based access control policy,in a variety of environments.The language and schema support include data types,functions,and combining logic which allow simple and complex policies to be defined.Finally,a system architecture and application case of user-role assignment is given to show how attribute expressions and A-XACML work in access control policy description and enforcement.The case shows that attribute expression and A-XACML can describe and enforce the complex access control policy in a simple and flexible way.展开更多
There are numerous terminals in the satellite Internet of Things(IoT).To save cost and reduce power consumption,the system needs terminals to catch the characteristics of low power consumption and light control.The re...There are numerous terminals in the satellite Internet of Things(IoT).To save cost and reduce power consumption,the system needs terminals to catch the characteristics of low power consumption and light control.The regular random access(RA)protocols may generate large amounts of collisions,which degrade the system throughout severally.The near-far effect and power control technologies are not applicable in capture effect to obtain power difference,resulting in the collisions that cannot be separated.In fact,the optimal design at the receiving end can also realize the condition of packet power domain separation,but there are few relevant researches.In this paper,an auxiliary beamforming scheme is proposed for power domain signal separation.It adds an auxiliary reception beam based on the conventional beam,utilizing the correlation of packets in time-frequency domain between the main and auxiliary beam to complete signal separation.The roll-off belt of auxiliary beam is used to create the carrier-to-noise ratio(CNR)difference.This paper uses the genetic algorithm to optimize the auxiliary beam direction.Simulation results show that the proposed scheme outperforms slotted ALOHA(SA)in terms of system throughput per-formance and without bringing terminals additional control burden.展开更多
基金Project(61003140) supported by the National Natural Science Foundation of ChinaProject(013/2010/A) supported by Macao Science and Technology Development FundProject(10YJC630236) supported by Social Science Foundation for the Youth Scholars of Ministry of Education of China
文摘Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.
基金Supported by the National Tenth Five-rear Planfor Scientific and Technological Development of China (413160501)the National Natural Science Foundation of China (50477038)
文摘PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC (Role-based Access control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is deseribed in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.
基金Funded by the Natural Science Foundation of China under Grant Nos. 60503040 and 60403027.
文摘Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.
文摘Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain, the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed.
文摘Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD PDM, an enterprise oriented product data management (PDM) system.
基金The National Natural Science Foundation of China(No60402019No60672068)
文摘Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource.This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.
基金Supported by the National Natural Science Foun-dation of China(60403027) the Natural Science Foundation of HubeiProvince(2005ABA258) the Open Foundation of State Key Labo-ratory of Software Engineering(SKLSE05-07)
文摘The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.
文摘Access control in multi-domain environments is one of the important questions of building coalition between domains. On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization. Then, a distributed RBAC model is presented. Finally the implementation issues are discussed.
基金Supported by the National Natural Science Foundation of China (No.60403027) .
文摘Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed “virtual organizations”. The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user’s environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.
文摘The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based access control management which is relatively independent in the applied system. This management achieves the control on user's access by distribution and cancel of role-play,which is a better solution to the problems of the access control management for the applied system. Besides,a complete scheme for the realization of this access control was provided.
基金supported in part by the National Nature Science Foundation of China(Grant 62172065)the Natural Science Foundation of Chongqing(Grant cstc2020jcyjmsxmX0137).
文摘Role-based network embedding aims to embed role-similar nodes into a similar embedding space,which is widely used in graph mining tasks such as role classification and detection.Roles are sets of nodes in graph networks with similar structural patterns and functions.However,the rolesimilar nodes may be far away or even disconnected from each other.Meanwhile,the neighborhood node features and noise also affect the result of the role-based network embedding,which are also challenges of current network embedding work.In this paper,we propose a Role-based network Embedding via Quantum walk with weighted Features fusion(REQF),which simultaneously considers the influence of global and local role information,node features,and noise.Firstly,we capture the global role information of nodes via quantum walk based on its superposition property which emphasizes the local role information via biased quantum walk.Secondly,we utilize the quantum walkweighted characteristic function to extract and fuse features of nodes and their neighborhood by different distributions which contain role information implicitly.Finally,we leverage the Variational Auto-Encoder(VAE)to reduce the effect of noise.We conduct extensive experiments on seven real-world datasets,and the results show that REQF is more effective at capturing role information in the network,which outperforms the best baseline by up to 14.6% in role classification,and 23% in role detection on average.
文摘The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access control scheme is proposed.Firstly,writing the reputation value as an attribute into the access control policy,and then deploying the access control policy in the smart contract of the blockchain system can enable the system to provide more fine-grained access control;Secondly,storing a large amount of resources fromthe Internet of Things in Inter Planetary File System(IPFS)to improve system throughput;Finally,map resource access operations to qualification tokens to improve the performance of the access control system.Complete simulation experiments based on the Hyperledger Fabric platform.Fromthe simulation experimental results,it can be seen that the access control system can achieve more fine-grained and dynamic access control while maintaining high throughput and low time delay,providing sufficient reliability and security for access control of IoT devices.
基金supported by funding from the National Natural Science Foundation of China(Grant No.U21A2010)the National Science Fund for Distinguished Young Scholars(Grant No.42225104)the National Key Research and Development Program(Grant No.2022YFF130110O).
文摘Equal access to social infrastructures is a fundamental prerequisite for sustainable development,but has long been a great challenge worldwide.Previous studies have primarily focused on the accessibility to social infras-tructures in urban areas across various scales,with less attention to rural areas,where inequality can be more severe.Particularly,few have investigated the disparities of accessibility to social infrastructures between urban and rural areas.Here,using the Changsha-Zhuzhou-Xiangtan urban agglomeration,China,as an example,we investigated the inequality of accessibility in both urban and rural areas,and further compared the urban-rural difference.Accessibility was measured by travel time of residents to infrastructures.We selected four types of social infrastructures including supermarkets,bus stops,primary schools,and health care,which were funda-mentally important to both urban and rural residents.We found large disparities in accessibility between urban and rural areas,ranging from 20 min to 2 h.Rural residents had to spend one to two more hours to bus stops than urban residents,and 20 min more to the other three types of infrastructures.Furthermore,accessibility to multiple infrastructures showed greater urban-rural differences.Rural residents in more than half of the towns had no access to any infrastructure within 15 min,while more than 60%of the urban residents could access to all infrastructures within 15 min.Our results revealed quantitative accessibility gap between urban and rural areas and underscored the necessity of social infrastructures planning to address such disparities.
基金This study was supported in part by the National Natural Science Foundation of China(71973136 and 72061147002)the 2115 Talent Development Program of China Agricultural University.
文摘Over the past few decades,the Internet has rapidly diffused across China.The spread of the Internet has had a profound economic and social impact on Chinese rural areas.Existing research shows that Internet access significantly impacts agricultural production and improves smallholder farmers’income.Beyond these,the Internet can affect other dimensions of social welfare.However,research about the impact of Internet access on dietary quality in rural China remains scarce.This study utilizes multi-period panel data from Fixed Observation Point in rural China from 2009 to 2015 to estimate the impact of Internet access on dietary quality and food consumption of rural households and conducts a causal analysis.Regression models with time and household fixed effects allow robust estimation while reducing potential issues of unobserved heterogeneity.The estimates show that Internet access has significantly increased rural household dietary quality(measured by the Chinese Diet Balance Index).Further research finds that Internet access has increased the consumption of animal products,such as aquatic and dairy products.We also examine the underlying mechanisms.Internet access improves dietary quality and food consumption mainly through increasing household income and food expenditure.These results encourage the promotion of Internet access as a valuable tool for nutritional improvements,especially in rural areas.
基金supported by the Meteorological Soft Science Project(Grant No.2023ZZXM29)the Natural Science Fund Project of Tianjin,China(Grant No.21JCYBJC00740)the Key Research and Development-Social Development Program of Jiangsu Province,China(Grant No.BE2021685).
文摘As the risks associated with air turbulence are intensified by climate change and the growth of the aviation industry,it has become imperative to monitor and mitigate these threats to ensure civil aviation safety.The eddy dissipation rate(EDR)has been established as the standard metric for quantifying turbulence in civil aviation.This study aims to explore a universally applicable symbolic classification approach based on genetic programming to detect turbulence anomalies using quick access recorder(QAR)data.The detection of atmospheric turbulence is approached as an anomaly detection problem.Comparative evaluations demonstrate that this approach performs on par with direct EDR calculation methods in identifying turbulence events.Moreover,comparisons with alternative machine learning techniques indicate that the proposed technique is the optimal methodology currently available.In summary,the use of symbolic classification via genetic programming enables accurate turbulence detection from QAR data,comparable to that with established EDR approaches and surpassing that achieved with machine learning algorithms.This finding highlights the potential of integrating symbolic classifiers into turbulence monitoring systems to enhance civil aviation safety amidst rising environmental and operational hazards.
基金The National High Technology Research and Development Program of China(863Program)(No.2007AA01Z445)
文摘This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extension of XACML.A-XACML is used as a simple,flexible way to express and enforce access control policies,especially attribute-based access control policy,in a variety of environments.The language and schema support include data types,functions,and combining logic which allow simple and complex policies to be defined.Finally,a system architecture and application case of user-role assignment is given to show how attribute expressions and A-XACML work in access control policy description and enforcement.The case shows that attribute expression and A-XACML can describe and enforce the complex access control policy in a simple and flexible way.
基金supported by the National Science Foundation of China(No.U21A20450)Natural Science Foundation of Jiangsu Province Major Project(No.BK20192002)+1 种基金National Natural Science Foundation of China(No.61971440)National Natural Science Foundation of China(No.62271266).
文摘There are numerous terminals in the satellite Internet of Things(IoT).To save cost and reduce power consumption,the system needs terminals to catch the characteristics of low power consumption and light control.The regular random access(RA)protocols may generate large amounts of collisions,which degrade the system throughout severally.The near-far effect and power control technologies are not applicable in capture effect to obtain power difference,resulting in the collisions that cannot be separated.In fact,the optimal design at the receiving end can also realize the condition of packet power domain separation,but there are few relevant researches.In this paper,an auxiliary beamforming scheme is proposed for power domain signal separation.It adds an auxiliary reception beam based on the conventional beam,utilizing the correlation of packets in time-frequency domain between the main and auxiliary beam to complete signal separation.The roll-off belt of auxiliary beam is used to create the carrier-to-noise ratio(CNR)difference.This paper uses the genetic algorithm to optimize the auxiliary beam direction.Simulation results show that the proposed scheme outperforms slotted ALOHA(SA)in terms of system throughput per-formance and without bringing terminals additional control burden.
