Theory and technology of network security is the core course of information security major,however,it still faces many challenges in the education of foreign graduate students studying in China.This paper analyzes the...Theory and technology of network security is the core course of information security major,however,it still faces many challenges in the education of foreign graduate students studying in China.This paper analyzes the status quo and existing problems in the course of theory and technology of network security for foreign graduate students studying in China,the most fundamental of which is that the existing teaching materials are difficult to meet the needs of foreign graduate students.In view of the problem,this paper discusses how to improve the existing teaching materials to adapt to the teaching needs for foreign students and puts forward some new ideas and reform measures.展开更多
Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings ...Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings not only convenience to people's daily life and more opportunities to enterprises, but more challenges with information security as well. This paper has a research on new types and features of information security issues in the age of big data, and puts forward the solutions for the above issues: build up the big data security management platform, set up the establishment of information security system and implement relevant laws and regulations.展开更多
Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to imp...Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to improve the coverage and capacity of public mobile network, to enable communication services, to provide Internet access and to enable mobile computing from everywhere, has drawn widespread attention for its good prospects in application. Construction of security system for wireless heterogeneous networks and development of new security models, key security techniques and approaches are critical and mandatory in heterogeneous networks development. Key technology of wireless heterogeneous networks security covers security routing protocol, access authentication, intrusion detection system, cooperative communication between nodes, etc.展开更多
The network integration provides users with a new network with long connection time and a high data rate when needed, but it also brings the defects of all the networks that integrate together into the integrated netw...The network integration provides users with a new network with long connection time and a high data rate when needed, but it also brings the defects of all the networks that integrate together into the integrated network. This will cause all kinds of existing and some new security problems in the operation of the integrated network. A complete protection based on recovery is proposed in the paper. It uses the public-key algorithm to authorize and private-key algorithm to encrypt the communicating data. This solution can provide the system with reliable security, and avoid Denial of Service (DoS) of the user. This solution has been proposed lately, and we should further identify the correct action of all the layers and figure out how to react when a legal node is framed by multiple malicious nodes.展开更多
With the development of NGN technologies and everything over IP,network security has become an important part of the current network.The 3 layers by 3 planes by 8 dimensions security architecture defined by ITU X.805 ...With the development of NGN technologies and everything over IP,network security has become an important part of the current network.The 3 layers by 3 planes by 8 dimensions security architecture defined by ITU X.805 for systems providing end-to-end communications is the basis of the research and application of network security technologies.NGN has several security requirements including security strategy,authentication,authorization,access control and audit,time stamp and time source.NGN divides the network into different security areas in both logical and physical ways,and there are different security strategies for different areas.Through the security mechanisms of identification,authentication and authorization,transmit security,access control,audit and supervision,etc,the security requirements of the network would be realized.展开更多
This paper highlights the work of collaborating European journalists, who in a series of articles, under the heading "Security for Sale-the Price we pay to protect Europeans", problematise the European Union Funding...This paper highlights the work of collaborating European journalists, who in a series of articles, under the heading "Security for Sale-the Price we pay to protect Europeans", problematise the European Union Funding framework for security technology research, which unfortunately may enhance business opportunities for mass surveillance systems in non-democratic states. Based on a case, involving a research project in which I participated as an ethical adviser, the paper illustrates how a lack of global perspectives constitutes a weakness inherent in methodologies within design ethics, such as Privacy professional idealism (Mitcham 2003), by Design and value sensitive the paper concludes by arguing outlook, which goes beyond the walled gardens oft^e European Union design. Finally, drawing on the notion of in favour of moral activism from a global展开更多
Technological nationalism,already being transformed into policy in some countries,could stymie the globalization of science and technology.Growing out from their development and security demands,countries are attempti...Technological nationalism,already being transformed into policy in some countries,could stymie the globalization of science and technology.Growing out from their development and security demands,countries are attempting to safeguard their national interests in the field of science and technology.This resurgence of technological democracy is related to the strategic value of a technology edge,and the intensification of tendencies toward pan-security and trade protectionism.To alleviate technological nationalism,engagement at multiple levels is required to reduce public concern about technical security and the monopoly of science and technology giants when incorporated into technological governance.To reduce the risk of technological advances at the global level atrophying,countries need to be more proactive about technological nationalism and,instead,seek to establish mutual trust.展开更多
Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechani...Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event analyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The experimental results show that COMO can monitor the security of the target virtual machine concurrently within a little performance overhead.展开更多
Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in ...Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.展开更多
文摘Theory and technology of network security is the core course of information security major,however,it still faces many challenges in the education of foreign graduate students studying in China.This paper analyzes the status quo and existing problems in the course of theory and technology of network security for foreign graduate students studying in China,the most fundamental of which is that the existing teaching materials are difficult to meet the needs of foreign graduate students.In view of the problem,this paper discusses how to improve the existing teaching materials to adapt to the teaching needs for foreign students and puts forward some new ideas and reform measures.
基金supported by National Key Technology Support Program(No.2013BAD17B06)Major Program of National Social Science Fund(No.15ZDB154)
文摘Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings not only convenience to people's daily life and more opportunities to enterprises, but more challenges with information security as well. This paper has a research on new types and features of information security issues in the age of big data, and puts forward the solutions for the above issues: build up the big data security management platform, set up the establishment of information security system and implement relevant laws and regulations.
基金the Jiangsu Natural Science Foundation under Grant No.BK2007236Jiangsu Six-Categories Top Talent Fundunder Grand No.SJ207001
文摘Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to improve the coverage and capacity of public mobile network, to enable communication services, to provide Internet access and to enable mobile computing from everywhere, has drawn widespread attention for its good prospects in application. Construction of security system for wireless heterogeneous networks and development of new security models, key security techniques and approaches are critical and mandatory in heterogeneous networks development. Key technology of wireless heterogeneous networks security covers security routing protocol, access authentication, intrusion detection system, cooperative communication between nodes, etc.
文摘The network integration provides users with a new network with long connection time and a high data rate when needed, but it also brings the defects of all the networks that integrate together into the integrated network. This will cause all kinds of existing and some new security problems in the operation of the integrated network. A complete protection based on recovery is proposed in the paper. It uses the public-key algorithm to authorize and private-key algorithm to encrypt the communicating data. This solution can provide the system with reliable security, and avoid Denial of Service (DoS) of the user. This solution has been proposed lately, and we should further identify the correct action of all the layers and figure out how to react when a legal node is framed by multiple malicious nodes.
文摘With the development of NGN technologies and everything over IP,network security has become an important part of the current network.The 3 layers by 3 planes by 8 dimensions security architecture defined by ITU X.805 for systems providing end-to-end communications is the basis of the research and application of network security technologies.NGN has several security requirements including security strategy,authentication,authorization,access control and audit,time stamp and time source.NGN divides the network into different security areas in both logical and physical ways,and there are different security strategies for different areas.Through the security mechanisms of identification,authentication and authorization,transmit security,access control,audit and supervision,etc,the security requirements of the network would be realized.
文摘This paper highlights the work of collaborating European journalists, who in a series of articles, under the heading "Security for Sale-the Price we pay to protect Europeans", problematise the European Union Funding framework for security technology research, which unfortunately may enhance business opportunities for mass surveillance systems in non-democratic states. Based on a case, involving a research project in which I participated as an ethical adviser, the paper illustrates how a lack of global perspectives constitutes a weakness inherent in methodologies within design ethics, such as Privacy professional idealism (Mitcham 2003), by Design and value sensitive the paper concludes by arguing outlook, which goes beyond the walled gardens oft^e European Union design. Finally, drawing on the notion of in favour of moral activism from a global
文摘Technological nationalism,already being transformed into policy in some countries,could stymie the globalization of science and technology.Growing out from their development and security demands,countries are attempting to safeguard their national interests in the field of science and technology.This resurgence of technological democracy is related to the strategic value of a technology edge,and the intensification of tendencies toward pan-security and trade protectionism.To alleviate technological nationalism,engagement at multiple levels is required to reduce public concern about technical security and the monopoly of science and technology giants when incorporated into technological governance.To reduce the risk of technological advances at the global level atrophying,countries need to be more proactive about technological nationalism and,instead,seek to establish mutual trust.
基金supported in part by National Natural Science Foundation of China(NSFC)under Grant No.61100228 and 61202479the National High-tech R&D Program of China under Grant No.2012AA013101+1 种基金the Strategic Priority Research Program of the Chinese Academy of Sciences under Grant No.XDA06030601 and XDA06010701Open Found of Key Laboratory of IOT Application Technology of Universities in Yunnan Province Grant No.2015IOT03
文摘Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event analyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The experimental results show that COMO can monitor the security of the target virtual machine concurrently within a little performance overhead.
基金the Science and Technology Innovation Program of Shanghai Science and Technology Commit-tee(No.19511103500)。
文摘Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.