In this paper, a mechanism of bi-directional proxy is proposed, which supports authentication based on identity, and endue different users with different network access permissions. This technology is purposed with a ...In this paper, a mechanism of bi-directional proxy is proposed, which supports authentication based on identity, and endue different users with different network access permissions. This technology is purposed with a new idea towards the implementation of network security, which has a promising future in applications. Key words network security - firewall - bi-directional proxy server - identity authentication CLC number TP 368.5 Foundation item: Supported by the National Natural Science Foundation of China (60173051), The National Research Foundation for the Doctoral Program of Higher Education of China (20030145029). Teaching and Research Award Program for Outstanding Young Teachers in Higher Education Institution of the Ministry of Education; National 863 High-tech Program (2003AA414210)Biography: GAO Fu-xiang (1961-), male, Professor, Master, research direction: computer network security.展开更多
The total reliance on internet connectivity and World Wide Web (WWW) based services is forcing many organizations to look for alternative solutions for providing adequate access and response time to the demand of thei...The total reliance on internet connectivity and World Wide Web (WWW) based services is forcing many organizations to look for alternative solutions for providing adequate access and response time to the demand of their ever increasing users. A typical solution is to increase the bandwidth;this can be achieved with additional cost, but this solution does not scale nor decrease users perceived response time. Another concern is the security of their network. An alternative scalable solution is to deploy a proxy server to provide adequate access and improve response time as well as provide some level of security for clients using the network. While some studies have reported performance increase due to the use of proxy servers, one study has reported performance decrease due to proxy server. We then conducted a six-month proxy server experiment. During this period, we collected access logs from three different proxy servers and analyzed these logs with Webalizer a web server log file analysis program. After a few years, in September 2010, we collected log files from another proxy server, analyzed the logs using Webalizer and compared our results. The result of the analysis showed that the hit rate of the proxy servers ranged between 21% - 39% and over 70% of web pages were dynamic. Furthermore clients accessing the internet through a proxy server are more secured. We then conclude that although the nature of the web is changing, the proxy server is still capable of improving performance by decreasing response time perceived by web clients and improved network security.展开更多
This paper presents a novel approach to proxy blind signatures in the realm of quantum circuits,aiming to enhance security while safeguarding sensitive information.The main objective of this research is to introduce a...This paper presents a novel approach to proxy blind signatures in the realm of quantum circuits,aiming to enhance security while safeguarding sensitive information.The main objective of this research is to introduce a quantum proxy blind signature(QPBS)protocol that utilizes quantum logical gates and quantum measurement techniques.The QPBS protocol is constructed by the initial phase,proximal blinding message phase,remote authorization and signature phase,remote validation,and de-blinding phase.This innovative design ensures a secure mechanism for signing documents without revealing the content to the proxy signer,providing practical security authentication in a quantum environment under the assumption that the CNOT gates are securely implemented.Unlike existing approaches,our proposed QPBS protocol eliminates the need for quantum entanglement preparation,thus simplifying the implementation process.To assess the effectiveness and robustness of the QPBS protocol,we conduct comprehensive simulation studies in both ideal and noisy quantum environments on the IBM quantum cloud platform.The results demonstrate the superior performance of the QPBS algorithm,highlighting its resilience against repudiation and forgeability,which are key security concerns in the realm of proxy blind signatures.Furthermore,we have established authentic security thresholds(82.102%)in the presence of real noise,thereby emphasizing the practicality of our proposed solution.展开更多
With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosur...With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.展开更多
文摘In this paper, a mechanism of bi-directional proxy is proposed, which supports authentication based on identity, and endue different users with different network access permissions. This technology is purposed with a new idea towards the implementation of network security, which has a promising future in applications. Key words network security - firewall - bi-directional proxy server - identity authentication CLC number TP 368.5 Foundation item: Supported by the National Natural Science Foundation of China (60173051), The National Research Foundation for the Doctoral Program of Higher Education of China (20030145029). Teaching and Research Award Program for Outstanding Young Teachers in Higher Education Institution of the Ministry of Education; National 863 High-tech Program (2003AA414210)Biography: GAO Fu-xiang (1961-), male, Professor, Master, research direction: computer network security.
文摘The total reliance on internet connectivity and World Wide Web (WWW) based services is forcing many organizations to look for alternative solutions for providing adequate access and response time to the demand of their ever increasing users. A typical solution is to increase the bandwidth;this can be achieved with additional cost, but this solution does not scale nor decrease users perceived response time. Another concern is the security of their network. An alternative scalable solution is to deploy a proxy server to provide adequate access and improve response time as well as provide some level of security for clients using the network. While some studies have reported performance increase due to the use of proxy servers, one study has reported performance decrease due to proxy server. We then conducted a six-month proxy server experiment. During this period, we collected access logs from three different proxy servers and analyzed these logs with Webalizer a web server log file analysis program. After a few years, in September 2010, we collected log files from another proxy server, analyzed the logs using Webalizer and compared our results. The result of the analysis showed that the hit rate of the proxy servers ranged between 21% - 39% and over 70% of web pages were dynamic. Furthermore clients accessing the internet through a proxy server are more secured. We then conclude that although the nature of the web is changing, the proxy server is still capable of improving performance by decreasing response time perceived by web clients and improved network security.
基金Project supported by the General Project of Natural Science Foundation of Hunan Province(Grant Nos.2024JJ5273 and 2023JJ50328)the Scientific Research Project of Education Department of Hunan Province(Grant Nos.22A0049 and 22B0699)。
文摘This paper presents a novel approach to proxy blind signatures in the realm of quantum circuits,aiming to enhance security while safeguarding sensitive information.The main objective of this research is to introduce a quantum proxy blind signature(QPBS)protocol that utilizes quantum logical gates and quantum measurement techniques.The QPBS protocol is constructed by the initial phase,proximal blinding message phase,remote authorization and signature phase,remote validation,and de-blinding phase.This innovative design ensures a secure mechanism for signing documents without revealing the content to the proxy signer,providing practical security authentication in a quantum environment under the assumption that the CNOT gates are securely implemented.Unlike existing approaches,our proposed QPBS protocol eliminates the need for quantum entanglement preparation,thus simplifying the implementation process.To assess the effectiveness and robustness of the QPBS protocol,we conduct comprehensive simulation studies in both ideal and noisy quantum environments on the IBM quantum cloud platform.The results demonstrate the superior performance of the QPBS algorithm,highlighting its resilience against repudiation and forgeability,which are key security concerns in the realm of proxy blind signatures.Furthermore,we have established authentic security thresholds(82.102%)in the presence of real noise,thereby emphasizing the practicality of our proposed solution.
基金supported by National Key Research and Development Project(No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034)。
文摘With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.
