This paper proposes a configurable secure gateway architecture which allows the system administrators to dynamically configure the security mechanisms upon deployment or during the run-time. Rather than allowing the s...This paper proposes a configurable secure gateway architecture which allows the system administrators to dynamically configure the security mechanisms upon deployment or during the run-time. Rather than allowing the system administrators to turn on or off individual security mechanisms, the proposed architecture allows the administrators to configure the gateway based on the security threats to be overcome. The current common architecture leads to tremendous administration overhead and increases the chance of misconfiguration vulnerability. We propose a novel software architecture to aid the product designers to avoid the misconfiguration vulnerability and the end-users to ease the administration overhead. The software architecture makes use of the threats to the gateways and the occurrence relation between the threats to configure the security software components on the gateways. With the software architecture, the end-users can focus on determining the desired security features rather than the software configuration. Moreover, the architecture allows the product designers or security service to incrementally revise the software configuration when new threats appear.展开更多
To protect personal privacy and confidential preservation,access control is used to authorize legal users for safe browsing the authorized contents on photos.The access control generates an authorization rule accordin...To protect personal privacy and confidential preservation,access control is used to authorize legal users for safe browsing the authorized contents on photos.The access control generates an authorization rule according to each permission assignment.However,the general access control is inappropriate to apply in some social services(e.g.,photos posted on Flickr and Instagram,personal image management in mobile phone) because of the increasing popularity of digital images being stored and managed.With low maintenance loads,this paper integrates the data hiding technique to propose an access control mechanism for privacy preservation.The proposed scheme changes the partial regions of a given image as random pads (called selective image encryption) and only allows the authorized people to remedy the random pads back to meaningful ones which are with similar visual qualities of original ones.展开更多
Compared with flat routing protocols, clustering is a fundamental performance improvement technique in wireless sensor networks, which can increase network scalability and lifetime. In this paper, we integrate the mul...Compared with flat routing protocols, clustering is a fundamental performance improvement technique in wireless sensor networks, which can increase network scalability and lifetime. In this paper, we integrate the multi-hop technique with a backoff-based clustering algorithm to organize sensors. By using an adaptive backoff strategy, the algorithm not only realizes load balance among sensor node, but also achieves fairly uniform cluster head distribution across the network. Simulation results also demonstrate our algorithm is more energy-efficient than classical ones. Our algorithm is also easily extended to generate a hierarchy of cluster heads to obtain better network management and energy-efficiency.展开更多
基金supported by National Science Council under Grant No. NSC 101-2218-E-025-001, NSC 100-2221-E-390-012, and NSC 101-2221-E-390-007
文摘This paper proposes a configurable secure gateway architecture which allows the system administrators to dynamically configure the security mechanisms upon deployment or during the run-time. Rather than allowing the system administrators to turn on or off individual security mechanisms, the proposed architecture allows the administrators to configure the gateway based on the security threats to be overcome. The current common architecture leads to tremendous administration overhead and increases the chance of misconfiguration vulnerability. We propose a novel software architecture to aid the product designers to avoid the misconfiguration vulnerability and the end-users to ease the administration overhead. The software architecture makes use of the threats to the gateways and the occurrence relation between the threats to configure the security software components on the gateways. With the software architecture, the end-users can focus on determining the desired security features rather than the software configuration. Moreover, the architecture allows the product designers or security service to incrementally revise the software configuration when new threats appear.
基金supported by MOST under Grant No. 107-2221-E-182-081-MY3。
文摘To protect personal privacy and confidential preservation,access control is used to authorize legal users for safe browsing the authorized contents on photos.The access control generates an authorization rule according to each permission assignment.However,the general access control is inappropriate to apply in some social services(e.g.,photos posted on Flickr and Instagram,personal image management in mobile phone) because of the increasing popularity of digital images being stored and managed.With low maintenance loads,this paper integrates the data hiding technique to propose an access control mechanism for privacy preservation.The proposed scheme changes the partial regions of a given image as random pads (called selective image encryption) and only allows the authorized people to remedy the random pads back to meaningful ones which are with similar visual qualities of original ones.
基金Supported by the National Natural Science Foundation of China under Grant No. 60872018,60721002,60875038the National Basic Research 973 Program of China under Grant No. 2007CB310607+2 种基金SRFDP Project under Grant No. 20070293001the Science and Technology Support Foundation of Jiangsu Province under Grant No. BE2009142 and BE2010180the Scientific Research Foundation of Graduate School of Nanjing University under Grant No. 2011CL07
文摘Compared with flat routing protocols, clustering is a fundamental performance improvement technique in wireless sensor networks, which can increase network scalability and lifetime. In this paper, we integrate the multi-hop technique with a backoff-based clustering algorithm to organize sensors. By using an adaptive backoff strategy, the algorithm not only realizes load balance among sensor node, but also achieves fairly uniform cluster head distribution across the network. Simulation results also demonstrate our algorithm is more energy-efficient than classical ones. Our algorithm is also easily extended to generate a hierarchy of cluster heads to obtain better network management and energy-efficiency.
