In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the p...In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the position of training applied talents,because of the needs of teaching and education,as well as the requirements of teaching reform,the information construction of colleges and universities has been gradually improved,but the problem of network information security is also worth causing people to ponder.The low security of the network environment will cause college network information security leaks,and even hackers will attack the official website of the university and leak the personal information of teachers and students.To solve such problems,this paper studies the protection of college network information security against the background of the digital economy era.This paper first analyzes the significance of network information security protection,then points out the current and moral problems,and finally puts forward specific countermeasures,hoping to create a safe learning environment for teachers and students for reference.展开更多
Platforms facilitate information exchange,streamline resources,and reduce production and management costs for companies.However,some viral information may invade and steal company resources,or lead to information leak...Platforms facilitate information exchange,streamline resources,and reduce production and management costs for companies.However,some viral information may invade and steal company resources,or lead to information leakage.For this reason,this paper discusses the standards for cybersecurity protection,examines the current state of cybersecurity management and the risks faced by cloud platforms,expands the time and space for training on cloud platforms,and provides recommendations for measuring the level of cybersecurity protection within cloud platforms in order to build a solid foundation for them.展开更多
Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the serv...Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.展开更多
At present, in mobile business, the secure environment in the terminal of users has not been embedded, many cryptology-based methods can not be directly used to protect the copyright of digital media. Under this situa...At present, in mobile business, the secure environment in the terminal of users has not been embedded, many cryptology-based methods can not be directly used to protect the copyright of digital media. Under this situation, a transparent system based on watermark for digital right management and digital copyright protection is proposed in this paper. The transparent system is called WDRM (watermark-based digital rights management) and transparent to users. Its core is WDRM Agent. In this paper, system inner model and procession are designed in detail at first, including the registration, the downloading, the super distribution, and the cooperation. Because the watermark embedding and the extraction algorithms are the kernel in this architecture, we also discuss how to choose and design the algorithms. Then we establish a package for all algorithms in WDRM Agent.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since Januar...COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since January 24,and China has carried out intensive epidemic control.It is critical for effectively responding to COVID-19 to collect,collate and analyze people’s personal data.What’s more,obtaining identity information,travel records and health information of confirmed cases,suspected cases and close contacts has become a crucial step in epidemic investigation.All regions have made full use of big data to carry out personnel screening,travel records analysis and other related work in epidemic prevention and control,effectively improving the efficiency of epidemic prevention and control.However,data leakage,personnel privacy data exposure,and personal attack frequently occurred in the process of personnel travel records analysis and epidemic prevention and control.It even happened in the WeChat group to forward a person’s name,phone number,address,ID number and other sensitive information.It brought discrimination,telephone and SMS harassment to the parties,which caused great harm to individuals.Based on these,lack of information security and data security awareness and other issues were exposed.Therefore,while big data has been widely concerned and applied,attention should be paid to protecting personal privacy.It is urgent to pay more attention to data privacy and information security in order to effectively protect the legitimate rights of the people.Therefore,measures can be taken to achieve this goal,such as improving the relevant legal system,strengthening technical means to enhance the supervision and management of information security and data protection.展开更多
With the increasing popularity of cloud storage,data security on the cloud has become increasingly visible.Searchable encryption has the ability to realize the privacy protection and security of data in the cloud.Howe...With the increasing popularity of cloud storage,data security on the cloud has become increasingly visible.Searchable encryption has the ability to realize the privacy protection and security of data in the cloud.However,with the continuous development of quantum computing,the standard Public-key Encryption with Keyword Search(PEKS)scheme cannot resist quantumbased keyword guessing attacks.Further,the credibility of the server also poses a significant threat to the security of the retrieval process.This paper proposes a searchable encryption scheme based on lattice cryptography using blockchain to address the above problems.Firstly,we design a lattice-based encryption primitive to resist quantum keyword guessing attacks.Moreover,blockchain is to decentralize the cloud storage platform’s jurisdiction of data.It also ensures that the traceability of keyword retrieval process and maintains the credibility of search result,which malicious platforms are prevented as much as possible from deliberately sending wrong search results.Last but not least,through security analysis,our proposed scheme satisfies the credibility and unforgeability of the keyword ciphertext.The comprehensive performance evaluates that our scheme has certain advantages in terms of efficiency compared with others.展开更多
The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremel...The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.展开更多
In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an act...In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an actionable method designed to provide organizations with comprehensive guidelines for conducting IT and cybersecurity risk assessments. Drawing extensively from NIST 800-30 Rev 1, COBIT 5, and ISO 31000, “AssessITS” bridges the gap between high-level theoretical standards and practical implementation challenges. The paper outlines a step-by-step methodology that organizations can simply adopt to systematically identify, analyze, and mitigate IT risks. By simplifying complex principles into actionable procedures, this framework equips practitioners with the tools needed to perform risk assessments independently, without too much reliance on external vendors. The guidelines are developed to be straightforward, integrating practical evaluation metrics that allow for the precise quantification of asset values, threat levels, vulnerabilities, and impacts on confidentiality, integrity, and availability. This approach ensures that the risk assessment process is not only comprehensive but also accessible, enabling decision-makers to implement effective risk mitigation strategies customized to their unique operational contexts. “AssessITS” aims to enable organizations to enhance their IT security strength through practical, actionable guidance based on internationally recognized standards.展开更多
In recent years,binary image steganography has developed so rapidly that the research of binary image steganalysis becomes more important for information security.In most state-of-the-art binary image steganographic s...In recent years,binary image steganography has developed so rapidly that the research of binary image steganalysis becomes more important for information security.In most state-of-the-art binary image steganographic schemes,they always find out the flippable pixels to minimize the embedding distortions.For this reason,the stego images generated by the previous schemes maintain visual quality and it is hard for steganalyzer to capture the embedding trace in spacial domain.However,the distortion maps can be calculated for cover and stego images and the difference between them is significant.In this paper,a novel binary image steganalytic scheme is proposed,which is based on distortion level co-occurrence matrix.The proposed scheme first generates the corresponding distortion maps for cover and stego images.Then the co-occurrence matrix is constructed on the distortion level maps to represent the features of cover and stego images.Finally,support vector machine,based on the gaussian kernel,is used to classify the features.Compared with the prior steganalytic methods,experimental results demonstrate that the proposed scheme can effectively detect stego images.展开更多
Mobile IP is an IP layer mobility protocol which allows mobile nodes to remain reachable while moving around in the Internet.In the current IETF Mobile IP specifications,when a mobile node roams, its location movement...Mobile IP is an IP layer mobility protocol which allows mobile nodes to remain reachable while moving around in the Internet.In the current IETF Mobile IP specifications,when a mobile node roams, its location movement can be tracked by simply monitoring the IP addresses in IP packets.Recently, the issue of protecting location information in Mobile IP has received increasing attention,especially within the IETF and the 3GPP standard bodies.In this paper we propose a technique for hiding a mobile node’s location movement information from eavesdroppers during route optimization and as well as from its correspondent node during reverse tunneling. The proposed technique is highly efficient and fully compatible with the base Mobile IPv6 operation.展开更多
This paper considers a decomposition framework as a mechanism for information hiding for secure communication via open network channels. Two varieties of this framework are provided: one is based on Gaussian arithmeti...This paper considers a decomposition framework as a mechanism for information hiding for secure communication via open network channels. Two varieties of this framework are provided: one is based on Gaussian arithmetic with complex modulus and another on an elliptic curve modular equation. The proposed algorithm is illustrated in a numerical example.展开更多
文摘In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the position of training applied talents,because of the needs of teaching and education,as well as the requirements of teaching reform,the information construction of colleges and universities has been gradually improved,but the problem of network information security is also worth causing people to ponder.The low security of the network environment will cause college network information security leaks,and even hackers will attack the official website of the university and leak the personal information of teachers and students.To solve such problems,this paper studies the protection of college network information security against the background of the digital economy era.This paper first analyzes the significance of network information security protection,then points out the current and moral problems,and finally puts forward specific countermeasures,hoping to create a safe learning environment for teachers and students for reference.
文摘Platforms facilitate information exchange,streamline resources,and reduce production and management costs for companies.However,some viral information may invade and steal company resources,or lead to information leakage.For this reason,this paper discusses the standards for cybersecurity protection,examines the current state of cybersecurity management and the risks faced by cloud platforms,expands the time and space for training on cloud platforms,and provides recommendations for measuring the level of cybersecurity protection within cloud platforms in order to build a solid foundation for them.
文摘Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.
基金Supported by the China Next Generation Internet (CNGI)2004 of National Development and Reform Commission (CNGI-04-12-2A) the State Administration of Radio Fil mand Television (2005-02-2)
文摘At present, in mobile business, the secure environment in the terminal of users has not been embedded, many cryptology-based methods can not be directly used to protect the copyright of digital media. Under this situation, a transparent system based on watermark for digital right management and digital copyright protection is proposed in this paper. The transparent system is called WDRM (watermark-based digital rights management) and transparent to users. Its core is WDRM Agent. In this paper, system inner model and procession are designed in detail at first, including the registration, the downloading, the super distribution, and the cooperation. Because the watermark embedding and the extraction algorithms are the kernel in this architecture, we also discuss how to choose and design the algorithms. Then we establish a package for all algorithms in WDRM Agent.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
基金This paper is support by:In 2019,Liaoning Provincial Department of Education Project named“Study on the Path Selection of Rural Revitalization in Ethnic Autonomous Areas of Liaoning Province”The 3rd Azure Talent Project of Dalian Ocean University in 2018+1 种基金In 2019,Liaoning Province’s overseas training project“China-Canada Cooperation Research Plan on Marine Law and Policy”(2019GJWYB019)The Ministry of Education filed the 2017 National and Regional Research Center Project“Northeast Asia Research Center for Marine Law and Policy”(GQ17091).
文摘COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since January 24,and China has carried out intensive epidemic control.It is critical for effectively responding to COVID-19 to collect,collate and analyze people’s personal data.What’s more,obtaining identity information,travel records and health information of confirmed cases,suspected cases and close contacts has become a crucial step in epidemic investigation.All regions have made full use of big data to carry out personnel screening,travel records analysis and other related work in epidemic prevention and control,effectively improving the efficiency of epidemic prevention and control.However,data leakage,personnel privacy data exposure,and personal attack frequently occurred in the process of personnel travel records analysis and epidemic prevention and control.It even happened in the WeChat group to forward a person’s name,phone number,address,ID number and other sensitive information.It brought discrimination,telephone and SMS harassment to the parties,which caused great harm to individuals.Based on these,lack of information security and data security awareness and other issues were exposed.Therefore,while big data has been widely concerned and applied,attention should be paid to protecting personal privacy.It is urgent to pay more attention to data privacy and information security in order to effectively protect the legitimate rights of the people.Therefore,measures can be taken to achieve this goal,such as improving the relevant legal system,strengthening technical means to enhance the supervision and management of information security and data protection.
基金This work was supported by the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province(Grant No.SKLACSS-202101)NSFC(Grant Nos.62176273,61962009,U1936216)+3 种基金the Foundation of Guizhou Provincial Key Laboratory of Public Big Data(No.2019BDKFJJ010,2019BDKFJJ014)the Fundamental Research Funds for Beijing Municipal Commission of Education,Beijing Urban Governance Research Base of North China University of Technology,the Natural Science Foundation of Inner Mongolia(2021MS06006)Baotou Kundulun District Science and technology plan project(YF2020013)Inner Mongolia discipline inspection and supervision big data laboratory open project fund(IMDBD2020020).
文摘With the increasing popularity of cloud storage,data security on the cloud has become increasingly visible.Searchable encryption has the ability to realize the privacy protection and security of data in the cloud.However,with the continuous development of quantum computing,the standard Public-key Encryption with Keyword Search(PEKS)scheme cannot resist quantumbased keyword guessing attacks.Further,the credibility of the server also poses a significant threat to the security of the retrieval process.This paper proposes a searchable encryption scheme based on lattice cryptography using blockchain to address the above problems.Firstly,we design a lattice-based encryption primitive to resist quantum keyword guessing attacks.Moreover,blockchain is to decentralize the cloud storage platform’s jurisdiction of data.It also ensures that the traceability of keyword retrieval process and maintains the credibility of search result,which malicious platforms are prevented as much as possible from deliberately sending wrong search results.Last but not least,through security analysis,our proposed scheme satisfies the credibility and unforgeability of the keyword ciphertext.The comprehensive performance evaluates that our scheme has certain advantages in terms of efficiency compared with others.
文摘The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.
文摘In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an actionable method designed to provide organizations with comprehensive guidelines for conducting IT and cybersecurity risk assessments. Drawing extensively from NIST 800-30 Rev 1, COBIT 5, and ISO 31000, “AssessITS” bridges the gap between high-level theoretical standards and practical implementation challenges. The paper outlines a step-by-step methodology that organizations can simply adopt to systematically identify, analyze, and mitigate IT risks. By simplifying complex principles into actionable procedures, this framework equips practitioners with the tools needed to perform risk assessments independently, without too much reliance on external vendors. The guidelines are developed to be straightforward, integrating practical evaluation metrics that allow for the precise quantification of asset values, threat levels, vulnerabilities, and impacts on confidentiality, integrity, and availability. This approach ensures that the risk assessment process is not only comprehensive but also accessible, enabling decision-makers to implement effective risk mitigation strategies customized to their unique operational contexts. “AssessITS” aims to enable organizations to enhance their IT security strength through practical, actionable guidance based on internationally recognized standards.
基金This work is supported by the National Natural Science Foundation of China(No.U1736118)the Natural Science Foundation of Guangdong(No.2016A030313350)+3 种基金the Special Funds for Science and Technology Development of Guangdong(No.2016KZ010103)the Key Project of Scientific Research Plan of Guangzhou(No.201804020068)the Fundamental Research Funds for the Central Universities(No.16lgjc83 and No.17lgjc45)the Science and Technology Planning Project of Guangdong Province(Grant No.2017A040405051).
文摘In recent years,binary image steganography has developed so rapidly that the research of binary image steganalysis becomes more important for information security.In most state-of-the-art binary image steganographic schemes,they always find out the flippable pixels to minimize the embedding distortions.For this reason,the stego images generated by the previous schemes maintain visual quality and it is hard for steganalyzer to capture the embedding trace in spacial domain.However,the distortion maps can be calculated for cover and stego images and the difference between them is significant.In this paper,a novel binary image steganalytic scheme is proposed,which is based on distortion level co-occurrence matrix.The proposed scheme first generates the corresponding distortion maps for cover and stego images.Then the co-occurrence matrix is constructed on the distortion level maps to represent the features of cover and stego images.Finally,support vector machine,based on the gaussian kernel,is used to classify the features.Compared with the prior steganalytic methods,experimental results demonstrate that the proposed scheme can effectively detect stego images.
基金partly funded by Office of Research, Singapore Management University and Institute for Infocomm Research
文摘Mobile IP is an IP layer mobility protocol which allows mobile nodes to remain reachable while moving around in the Internet.In the current IETF Mobile IP specifications,when a mobile node roams, its location movement can be tracked by simply monitoring the IP addresses in IP packets.Recently, the issue of protecting location information in Mobile IP has received increasing attention,especially within the IETF and the 3GPP standard bodies.In this paper we propose a technique for hiding a mobile node’s location movement information from eavesdroppers during route optimization and as well as from its correspondent node during reverse tunneling. The proposed technique is highly efficient and fully compatible with the base Mobile IPv6 operation.
文摘This paper considers a decomposition framework as a mechanism for information hiding for secure communication via open network channels. Two varieties of this framework are provided: one is based on Gaussian arithmetic with complex modulus and another on an elliptic curve modular equation. The proposed algorithm is illustrated in a numerical example.
