检索结果-南通市图书馆

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

源码缺陷检测资源访问控制研究与实施

信息安全与通信保密 2011年第11期9卷 77-79页

作者：郝永乐商海芳中国信息安全测评中心北京100085 北京启明星辰信息安全技术有限公司北京100193

现有的源代码缺陷检测工具,大多都是单用户或单机版工具。对于这些工具的使用者来说,整个源代码缺陷检测过程中涉及到的各种资源,包括检测源代码、检测工具、检测结果等,都是完全透明和可以完全支配的。而现实中,这些资源对于检测机构... 详细信息

现有的源代码缺陷检测工具,大多都是单用户或单机版工具。对于这些工具的使用者来说,整个源代码缺陷检测过程中涉及到的各种资源,包括检测源代码、检测工具、检测结果等,都是完全透明和可以完全支配的。而现实中,这些资源对于检测机构或被检测机构都是具有较高保密性的,这些资源一旦流失出去,都有可能对某行业或社会造成一定的危害。可以采用业务管理系统与源代码缺陷检测工具集成的方式,在业务管理系统端引入角色管理机制,采用角色、权限和用户的三权分立机制,通过控制用户的资源访问权限,从而达到控制整个源代码缺陷检测过程中资源访问控制的目的。文中将在这方面对该方法的研究和实施进行阐述,同时也说明如何将业务管理系统和检测工具进行集成。

关键词：源代码缺陷检测角色管理资源访问控制系统集成

Identifying heavy hitters in high-speed network monitoring

在线全文

学校读者我要写书评

暂无评论

Science china(information Sciences) 2010年第3期53卷 659-676页

作者： ZHANG Yu1, FANG BinXing1,2 & ZHANG YongZheng2 1Research center of Computer Network and information security technology, Harbin Institute of technology, Harbin 150001, china 2Research center of information security, Institute of Computing technology, Chinese Academy of Sciences, beijing 100190, china 1. Research center of Computer Network and information security technology Harbin Institute of Technology Harbin 150001 China2. Research Center of Information Security Institute of Computing Technology Chinese Academy of Sciences Beijing 100190 China

Identifying heavy hitters in a network traffic stream is important for a variety of network applications ranging from traffic engineering to anomaly detection such as detection of denial-of-service attacks. Existing methods generally examine newly arriving items in the stream, perform a small number of operations using a small amount of memory, and still provide guarantees on the identifying accuracy. In high-speed network monitoring, the update speed per item is extremely critical. However, so far as we know, there are no identifying algorithms which can provide constant update time (O(1)) in a weighted data stream. In this paper, we present an algorithm named Weighted Lossy Counting (WLC) which is able to identify heavy hitters in a high-speed weighted data stream with constant update time. WLC employs a novel efficient partially ordered data structure which is able to provide a fast per-item update speed while keeping the memory cost relatively low. We compare WLC with state-of-the-art algorithms for finding heavy hitters in real traffic traces. The experimental results show that WLC performs well in accuracy (recall, precision and average relative error) as other algorithms; moreover it has a much higher update speed at the cost of relatively larger memory space used. A theoretical worst-case memory bound of WLC is also derived in this paper; however, experiments with long real traffic traces show that WLC requires much less space than the theoretical bound in practice.

关键词： network traffic monitoring heavy hitter weighted data streams

Research on applying physical chaos generator to spacecraft information security

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(Technological Sciences) 2009年第5期52卷 1463-1470页

作者： ZHAO HePing State Key Laboratory of information security,Graduate University of Chinese Academy of Sciences,beijing 100049,china china Academy of Space technology,beijing 100094,china State Key Laboratory of information security Graduate University of Chinese Academy of Sciences Beijing 100049 China china Academy of Space technology Beijing 100094 China

The effectiveness of a short-length message extension method based on physical chaos generator was analyzed and the entropy of the extended message was calculated in this *** analysis demon-strated that with the mentioned method the entropy of short-length messages,which are repeatedly used in spacecraft data systems,is obviously increased,and the security of transmission is enhanced as *** paper also presented an improvement of the protocol for secret key agreement presented by *** and *** of depending on characteristics of communication channel,this method takes advantage of the random data produced by physical chaos generator to preset the initial parameters of the procedure on both sides of communication,so that the procedure and quantity of cipher key can be precisely *** method can be used to cipher key management of se-cure communication between long life-span spacecraft and ground system.

关键词： physical chaos generator spacecraft information security message extension cipher key management

Analysis of a kind of quantum cryptographic schemes based on secret sharing

在线全文

学校读者我要写书评

暂无评论

Science china(Physics,Mechanics & Astronomy) 2009年第9期52卷 1313-1316页

作者： ZHANG XingLan1 & JI DongYao2 1 College of Computer Science and technology, beijing University of technology, beijing 100124, china 2 State Key Laboratory of information security, Graduate University of Chinese Academy of Sciences, beijing 100049, china College of Computer Science and technology Beijing University of Technology Beijing 100124 China State Key Laboratory of information security Graduate University of Chinese Academy of Sciences Beijing 100049 China

Recently, Yang et al. proposed a kind of quantum cryptographic schemes based on secret sharing. The main idea is drawn from the case, where any n participants who share a secret K can co-operate as K does. This process can be applied to encryption, authentication, signature and so on. Unfortunately, since there is no identity authentication of the share's holder, these schemes inherit the limitation of secret sharing in practice. If some participants do not follow the protocol, the protocol would be a failure at last. Moreover, these schemes encounter another serious attack. Any two participants can co-operate to defeat the schemes by sending different shares to the parties unknown to the distributor of the secret K, such that these parties can execute the protocol as well. The attack proves that it is not enough for quantum cryptographic schemes that only the secret key is secure.

关键词： quantum identity authentication quantum secure direct communication quantum signature secret sharing

A formal model of fair exchange protocols

在线全文

学校读者我要写书评

暂无评论

Science in china(Series F) 2005年第4期48卷 499-512页

作者： QING Sihan1,2,3 & LI Gaicheng1,2,3 1. Engineering Research center for information security technology, Institute of Software, Chinese Aca- demy of Sciences, beijing 100080, china 2. beijing Zhongke Ansheng Corporation of information technology, beijing 100080, china 3. Graduate School of the Chinese Academy of Sciences, beijing 100039, china 1. Engineering Research center for information security technology Institute of Software Chinese Academy of Sciences 100080 Beijing China 2. beijing Zhongke Ansheng Corporation of information technology 100080 Beijing China 3. Graduate School of the Chinese Academy of Sciences 100039 Beijing China

Based on the study of existing fair exchange protocols, this paper sets up an accurate formal model by stepwise refinement. In the process of refinement an unreliable channel is employed to simulate an attack behavior. The model provides a novel formal definition of exchanged items, and presents the formal goals for fairness, accountability, etc., reflecting the inherent requirements for fair exchange protocols across-the-board. In order to check, prove, and design fair exchange protocols effectively and efficiently, the model puts forward a novel property of abuse-freeness which applies to all fair exchange protocols, gives a formal definition for trust strand of the third party, and presents general criteria of designing a secure and effective fair exchange protocol. Taking a typical fair exchange protocol as an example, this paper presents the analysis steps of fair exchange protocols appealing to our model. An unknown attack is uncovered. The analysis reveals the process of a complete attack, discovering deeper reasons for causing an attack. Finally, we modify the flawed protocol and the revised protocol ensures the desirable properties.

关键词： events local causal relation local temporal relation global relation exchanged item security goals.

Threshold quantum secure direct communication without entanglement

在线全文

学校读者我要写书评

暂无评论

Science china(Physics,Mechanics & Astronomy) 2008年第2期51卷 176-183页

作者： YANG YuGuang1,3 & WEN QiaoYan2 1 College of Computer Science and technology, beijing University of technology, beijing 100022, china 2 School of Science, beijing University of Posts and Telecommunications, beijing 100876, china 3 State Key Laboratory of information security (Graduate School of Chinese Academy of Sciences), beijing 100049, china 1. College of Computer Science and technology Beijing University of Technology Beijing 100022 China 3. State Key Laboratory of information security (Graduate School of Chinese Academy of Sciences) Beijing 100049 China 2. School of Science Beijing University of Posts and Telecommunications Beijing 100876 China

For the first time, a threshold quantum secure direct communication (TQSDC) scheme is presented. Similar to the classical Shamir's secret sharing scheme, the sender makes n shares, S1, …, Sn of secret key K and each receiver keeps a share secretly. If the sender wants to send a secret message M to the receivers, he en-codes the information of K and M on a single photon sequence and sends it to one of the receivers. According to the secret shares, the t receivers sequentially per-form the corresponding unitary operations on the single photon sequence and ob-tain the secret message M. The shared shares may be reusable if it can be judged that there is no eavesdropper in line. We discuss that our protocol is feasible with current technology.

关键词： quantum secure direct communication threshold secure direct communication quantum secret sharing

Mechanism and Defense on Malicious Code

在线全文

学校读者我要写书评

暂无评论

Wuhan University Journal of Natural Sciences 2005年第1期10卷 83-88页

作者： WEN Wei-ping 1,2,3, QING Si-han 1,2,31. Institute of Software, the Chinese Academy of Sciences, beijing 100080, china 2.Engineering Research center for information security technology, the Chinese Academy of Sciences, beijing 100080, china 3.Graduate School of the Chinese Academy of Sciences, beijing 100080, china Institute of Software the Chinese Academy of Sciences Beijing 100080 China

With the explosive growth of network applications, the threat of the malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of the malicious code by giving an attack model of the malicious code, and discuss the critical techniques of implementation and prevention against the malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.

关键词： malicious code attacking model mechanism defense system security network security

Formal analysis and design of multi-party fair exchange protocols

在线全文

学校读者我要写书评

暂无评论

Science in china(Series F) 2006年第2期49卷 155-174页

作者： QING Sihan1,2,3 & LI Gaicheng1,3 1. Engineering Research center for information security technology, Institute of Software, Chinese Academy of Sciences, beijing 100080, china 2. beijing Zhongke Ansheng Corporation of information technology, beijing 100080, china 3. Graduate School of the Chinese Academy of Sciences, beijing 100039, china 1. Engineering Research center for information security technology Institute of Software Chinese Academy of Sciences Beijing 100080 China 2. beijing Zhongke Ansheng Corporation of information technology Beijing 100080 China 3. Graduate School of the Chinese Academy of Sciences Beijing 100039 China

Based on the origin of message items and channel combination between transacting parties, and events and relations among events, this paper presents a concise, precise, and hierarchical model for general fair exchange protocols, formally specifies various security requirements which are able to reflect inherent requirements for fair exchange protocols more rigorously, and partition these security requirements with fine granularity. This work helps analyze, debug, and design multi-party fair exchange protocols more effectively and elaborately,

关键词： fair exchange logical protocol formal model security requirement.

Multiparty simultaneous quantum identity authentication with secret sharing

在线全文

学校读者我要写书评

暂无评论

Science china(Physics,Mechanics & Astronomy) 2008年第3期51卷 321-327页

作者： YANG YuGuang1,2,WEN QiaoYan3 & ZHANG Xing4,5 1 College of Computer Science and technology,beijing University of technology,beijing 100022,china 2 State Key Laboratory of information security (Graduate University of the Chinese Academy of Sciences),beijing 100049,china 3 School of Science,beijing University of Posts and Telecommunications,beijing 100876,china 4 Institute of Electronic technology,information Engineering University,Zhengzhou 450004,china 5 Trusted Computing Laboratory,beijing University of technology,beijing 100022,china College of Computer Science technology Beijing University of Technology Beijing 100022 China State Key Laboratory of information security [Graduate University of the Chinese Academy of Sciences] Beijing 100049 China School of Science Beijing University of Posts Telecommunications Beijing 100876 China Institute of Electronic technology Information Engineering University Zhengzhou 450004 China Trusted Computing Laboratory Beijing University of Technology Beijing 100022 China

Two multiparty simultaneous quantum identity authentication (MSQIA) protocols based on secret sharing are presented. All the users can be authenticated by a trusted third party (TTP) simultaneously. In the first protocol,the TTP shares a random key K with all the users using quantum secret sharing. The ith share acts as the authentication key of the ith user. When it is necessary to perform MSQIA,the TTP generates a random number R secretly and sends a sequence of single photons encoded with K and R to all the users. According to his share,each user performs the corresponding unitary operations on the single photon sequence sequentially. At last,the TTP can judge whether the impersonator exists. The sec-ond protocol is a modified version with a circular structure. The two protocols can be efficiently used for MSQIA in a network. They are feasible with current technol-ogy.

关键词： quantum identity authentication secret sharing quantum cryptography