At present,there is still no unified standard for evaluation of agricultural insurance security level,especially in the quantitative evaluation. In order to explore a scientific and reasonable evaluation method for ag...At present,there is still no unified standard for evaluation of agricultural insurance security level,especially in the quantitative evaluation. In order to explore a scientific and reasonable evaluation method for agricultural insurance security level,this paper analyzed the current situation of evaluation methods of social insurance,endowment insurance and medical insurance,as well as the application of security index. It is expected to provide a certain reference for evaluation of agricultural insurance security level by the agricultural insurance security index.展开更多
Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting threats posed by modern computing environments. Based on the requirements of the relevant national an...Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting threats posed by modern computing environments. Based on the requirements of the relevant national and international standards and criteria, in combination with our experience in the design and development of the ANSHENG v4.0 secure operating system with high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design of secure operating systems with high security levels: security architecture, security policy models, and covert channel analysis. The design principles of security architecture and three basic security models: confidentiality, integrity, and privilege control models are discussed, respectively. Three novel security models and new security architecture are proposed. The prominent features of these proposals, as well as their applications to the ANSHENG OS, are elaborated. Cover channel analysis (CCA) is a well-known hard problem in the design of secure operating systems with high security levels since to date it lacks a sound theoretical basis and systematic analysis approach. In order to resolve the fundamental difficulties of CCA, we have set up a sound theoretical basis for completeness of covert channel identification and have proposed a unified framework for covert channel identification and an efficient backward tracking search method. The successful application of our new proposals to the ANSHENG OS has shown that it can help ease and speedup the entire CCA process.展开更多
Current Web services architectures are confronted with a few stubborn problems, and the security problem becomes one of the bottlenecks that restrict the extensive application of Web service. After compared transport ...Current Web services architectures are confronted with a few stubborn problems, and the security problem becomes one of the bottlenecks that restrict the extensive application of Web service. After compared transport level with message level security, the limitation of transport level security became clearly. And then on the basis of the analysis message level security, especially WS-Security, XML security protocol was adopted to guarantee message level security. Because WS-Security is a new protocol jointly developed by Microsoft and IBM among these XML security protocols, and a security-token mechanism of WS-Security mechanism was improved, added a table with security-token types. And a new model consisting of multiple security-token is put forward to guarantee the security of message transmission.展开更多
Ecological security of arable land is closely related to grain security and social stability. This paper took 12 typical indexes from the aspects of ecological pressure, state and response of arable land considering n...Ecological security of arable land is closely related to grain security and social stability. This paper took 12 typical indexes from the aspects of ecological pressure, state and response of arable land considering natural, social and economic conditions to construct the ecological index system of arable land in Panyu District, Guangzhou City, and adopted objective weighting method and comprehensive analysis method to analyze the dynamic change of ecological security and security level of arable land in the study area. The results showed that ecological security pressure value and response value of arable land in Panyu District from 2008 to 2013 increased and the overall ecological security level was low, manifesting the level of "sensitive–risky–sensitive". Specifi cally, ecological security of arable land in 2008 was sensitive, risky from 2009 to 2011, and the security level rose to the sensitive level again in 2012 and 2013. Ecological restoration and rebuilding of arable land should be enhanced, and ecological security early warning system should be established by protecting quantity and quality of arable land, so as to protect arable land resources effectively, and promote sustainable development of arable land.展开更多
Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database ma...Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, MAC and multigranularity audit. DAC solves the problems o f role inheritance, right contain, authorization identify and cascade revoke, et c; MAC includes subject and object security setup rule, security modify rule and multilevel relation access operation rule, etc; Audit allows making the sub ject, object or operation type as different audit object to implement flexible a nd multigranularity audit method. The model is designed act as a security agent to access daemon database. At present, the model is implemented which runs on th e Windows 2000 environments.展开更多
A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lowe...A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lower layer relationalintegrity is presented after we analyze and eliminate the covert channels caused by the database integrity.Two SQL statements are extended to process polyinstantiation in the multilevel secure environment.The system based on the multilevel secure relation hierarchical data model is capable of integratively storing and manipulating complicated objects ( e.g. , multilevel spatial data) and conventional data ( e.g. , integer, real number and character string) in multilevel secure database.展开更多
This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation hierarchical data model is extended to multilevel relatio...This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation hierarchical data model is extended to multilevel relation hierarchical data model. Based on the multilevel relation hierarchical data model, the concept of upper lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects ( e.g., multilevel spatial data) and multilevel conventional data ( e.g., integer, real number and character string).展开更多
The construction industry has long faced the challenge of introducing collaborative systems among multiple stakeholders.This challenge creates a high level of rigidity in terms of processing shared information related...The construction industry has long faced the challenge of introducing collaborative systems among multiple stakeholders.This challenge creates a high level of rigidity in terms of processing shared information related to different processes,robust holistic regulations,payment actualizations,and resource utilization across different nodes.The need for a digital platform to crossconnect all stakeholders is necessary.A blockchain-based platform is a prime candidate to improve the industry in general and the construction supply chain(CSC)in particular.In this paper,a literature review is presented to establish the main challenges that CSC faces in terms of its effects on productivity and efficiency.In addition,the effect of applying blockchain platforms on a case study is presented and analyzed from performance and security level.The analysis aims to emphasize that blockchain,as presented in this paper,is a viable solution to the challenges in the CSC regardless of the risks associated with the security and robustness of the flow of information and data protection.Moreover,a threat analysis of applying a blockchain model on the CSC industry is introduced.This model indicates potential attacks and possible countermeasures to prevent the attacks.Future work is needed to expand,quantify,and optimize the threat model and conduct simulations considering proposed countermeasures for the different blockchain attacks outlined in this study.展开更多
基金Supported by the National Science and Technology Project in the Twelfth FiveYear Plan Period(2014BALO7B03.2)
文摘At present,there is still no unified standard for evaluation of agricultural insurance security level,especially in the quantitative evaluation. In order to explore a scientific and reasonable evaluation method for agricultural insurance security level,this paper analyzed the current situation of evaluation methods of social insurance,endowment insurance and medical insurance,as well as the application of security index. It is expected to provide a certain reference for evaluation of agricultural insurance security level by the agricultural insurance security index.
基金the Natural Science Foundation of Beijing (Grant No. 4052016)the National Natural Science Foundation of China (Grant No. 60573042)the National Grand Fundamental Research 973 Program of China (Grant No. G1999035802)
文摘Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting threats posed by modern computing environments. Based on the requirements of the relevant national and international standards and criteria, in combination with our experience in the design and development of the ANSHENG v4.0 secure operating system with high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design of secure operating systems with high security levels: security architecture, security policy models, and covert channel analysis. The design principles of security architecture and three basic security models: confidentiality, integrity, and privilege control models are discussed, respectively. Three novel security models and new security architecture are proposed. The prominent features of these proposals, as well as their applications to the ANSHENG OS, are elaborated. Cover channel analysis (CCA) is a well-known hard problem in the design of secure operating systems with high security levels since to date it lacks a sound theoretical basis and systematic analysis approach. In order to resolve the fundamental difficulties of CCA, we have set up a sound theoretical basis for completeness of covert channel identification and have proposed a unified framework for covert channel identification and an efficient backward tracking search method. The successful application of our new proposals to the ANSHENG OS has shown that it can help ease and speedup the entire CCA process.
基金Supported by the National Natural Science Foundation of China (70571056) and the High Technology Research and Development Pro-gram of Hebei Province (04213534, 04213529)
文摘Current Web services architectures are confronted with a few stubborn problems, and the security problem becomes one of the bottlenecks that restrict the extensive application of Web service. After compared transport level with message level security, the limitation of transport level security became clearly. And then on the basis of the analysis message level security, especially WS-Security, XML security protocol was adopted to guarantee message level security. Because WS-Security is a new protocol jointly developed by Microsoft and IBM among these XML security protocols, and a security-token mechanism of WS-Security mechanism was improved, added a table with security-token types. And a new model consisting of multiple security-token is put forward to guarantee the security of message transmission.
基金Sponsored by National Natural Science Foundation of China(41101078)Natural Science Foundation of Guangdong Province(S2013010014526)+5 种基金General Program of Humanities and Social Science Researches of the Ministry of Education(13YJA790074)Characteristic Innovation Program of Guangdong Provincial Department of Education(2014KTSCX090)2013 Program of the"Twelfth Five-year Plan"of Guangdong Provincial Education and Scientifi c Research(2013JK134)(Second-package)Program of the"Twelfth Five-year Plan"of Guangzhou Municipal Education Science(12A037)the"Twelfth Five-year Plan"of Guangzhou Municipal Philosophy and Social Science(15Q28)2014 Provincial Undergraduate Innovative Training Program of Guangdong Provincial Department of Education(201411078056)
文摘Ecological security of arable land is closely related to grain security and social stability. This paper took 12 typical indexes from the aspects of ecological pressure, state and response of arable land considering natural, social and economic conditions to construct the ecological index system of arable land in Panyu District, Guangzhou City, and adopted objective weighting method and comprehensive analysis method to analyze the dynamic change of ecological security and security level of arable land in the study area. The results showed that ecological security pressure value and response value of arable land in Panyu District from 2008 to 2013 increased and the overall ecological security level was low, manifesting the level of "sensitive–risky–sensitive". Specifi cally, ecological security of arable land in 2008 was sensitive, risky from 2009 to 2011, and the security level rose to the sensitive level again in 2012 and 2013. Ecological restoration and rebuilding of arable land should be enhanced, and ecological security early warning system should be established by protecting quantity and quality of arable land, so as to protect arable land resources effectively, and promote sustainable development of arable land.
文摘Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, MAC and multigranularity audit. DAC solves the problems o f role inheritance, right contain, authorization identify and cascade revoke, et c; MAC includes subject and object security setup rule, security modify rule and multilevel relation access operation rule, etc; Audit allows making the sub ject, object or operation type as different audit object to implement flexible a nd multigranularity audit method. The model is designed act as a security agent to access daemon database. At present, the model is implemented which runs on th e Windows 2000 environments.
文摘A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lower layer relationalintegrity is presented after we analyze and eliminate the covert channels caused by the database integrity.Two SQL statements are extended to process polyinstantiation in the multilevel secure environment.The system based on the multilevel secure relation hierarchical data model is capable of integratively storing and manipulating complicated objects ( e.g. , multilevel spatial data) and conventional data ( e.g. , integer, real number and character string) in multilevel secure database.
文摘This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation hierarchical data model is extended to multilevel relation hierarchical data model. Based on the multilevel relation hierarchical data model, the concept of upper lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects ( e.g., multilevel spatial data) and multilevel conventional data ( e.g., integer, real number and character string).
文摘The construction industry has long faced the challenge of introducing collaborative systems among multiple stakeholders.This challenge creates a high level of rigidity in terms of processing shared information related to different processes,robust holistic regulations,payment actualizations,and resource utilization across different nodes.The need for a digital platform to crossconnect all stakeholders is necessary.A blockchain-based platform is a prime candidate to improve the industry in general and the construction supply chain(CSC)in particular.In this paper,a literature review is presented to establish the main challenges that CSC faces in terms of its effects on productivity and efficiency.In addition,the effect of applying blockchain platforms on a case study is presented and analyzed from performance and security level.The analysis aims to emphasize that blockchain,as presented in this paper,is a viable solution to the challenges in the CSC regardless of the risks associated with the security and robustness of the flow of information and data protection.Moreover,a threat analysis of applying a blockchain model on the CSC industry is introduced.This model indicates potential attacks and possible countermeasures to prevent the attacks.Future work is needed to expand,quantify,and optimize the threat model and conduct simulations considering proposed countermeasures for the different blockchain attacks outlined in this study.
