A Partially Non-Cryptographic Security Routing Protocol in Mobile Ad Hoc Networks

In this paper, we propose a partially non-cryptographic security routing protocol （PNCSR） that protects both routing and data forwarding operations through the same reactive approach. PNCSR only apply public-key cryptographic system in managing token, but it doesn＇t utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.     

Time-Based Dynamic Trust Model Using Ant Colony Algorithm

The trust in distributed environment is uncertain, which is variation for various factors. This paper introduces TDTM, a model for time-based dynamic trust. Every entity in the distribute environment is endowed with a trust-vector, which figures the trust intensity between this entity and the others. The trust intensity is dynamic due to the time and the inter-operation between two entities, a method is proposed to quantify this change based on the mind of ant colony algorithm and then an algorithm for the transfer of trust relation is also proposed. Furthermore, this paper analyses the influence to the trust intensity among all entities that is aroused by the change of trust intensity between the two entities, and presents an algorithm to resolve the problem. Finally, we show the process of the trusts＇ change that is aroused by the time＇s lapse and the inter-operation through an instance.     

Cache Coherency Design in Pentium Ⅲ SMP System

This paper analyzes cache coherency mechanism from the view of system. It firstly discusses caehe-memory hierarchy of Pentium Ⅲ SMP system, including memory area distribution, cache attributes control and bus transaction. Secondly it analyzes hardware snoopy mechanism of P6 bus and MESI state transitions adopted by Pentium Ⅲ. Based on these, it focuses on how muhiprocessors and the P6 bus cooperate to ensure cache coherency of the whole system, and gives the key of cache coherency design.     

The key technologies in multi-call processing of the VolP Gateway

Bacause Gateway serves many users, there are some related problems to be solved, such as the allocation and management of multiple calls, the synchronization of multiple threads, the state transference and time-out processing. To solve these problems, key technologies in our implementation will be proposed, which are important to the stability and efficiency of the Gateway. At last, the test of our Gateway is shown and analyzed. Foundation item: Supported by Cisco University Research Program Fund at Community Foundation Silicon Valley Biography: HUANG Yong-feng (1967-), male, Associate professor, research direction: the implementation of H. 323 in Gateway.     

A new algorithm for routing in ad-hoc network

In this paper, we propose a new algorithm for wireless mobile and ad-hoc network, which establishes dynamic cluster of nodes. The proposed algorithm, namely, the Mobility Sensitive Routing Protocol (MSRP), consists of routing in cluster and routing between clusters. Ad-hoc network can utilize MSRP to reduce information exchange and communication bandwidth, to shorten route acquisition delay, and to accommodate more nodes. Foundation item: Supported by the National Natural Science Foundation of China (60133010,60073043,70071042). Biography: Zhang Jian (1976-), male, Ph. D candidate. Lecturer, research direction: computer network, network optimization.     

Analysis and improvement of cross-realm client-to-client password authenticated key exchange protocols

Because cross-realm C2C-PAKE （client-to-client password authenticated key exchange） protocols can not resist some attacks, this paper writes up new attacks on two representative protocols, then designs a new cross-realm C2C-PAKE protocol with signature and optimal number of rounds for a client （only 2-rounds between a client and a server）. Finally, it is proved that the new protocol can be resistant to all known attacks through heuristic analysis and that it brings more security through the comparisons of security properties with other protocols.     

Bang bang control of unified chaotic system

The unified chaotic system contains the Lorenz system and the Chen system as two dual systems at the two extremes of its parameter spectrum. This paper presents the design of bang bang controller for unified system and multitude of numerical experiments under various control parameters. Numerical experiments meet the theoretic proof perfectly and convincingly demonstrated the controller can be effectively used for unified systems with uncertainty of the equilibrium points. The method enriches the applications of chaotic control. Foundation item: Supported by the National Natural Science Foundation of China(50209012) Biography: Deng Xiao-ming (1980-), male, Master candidate, research direction: chaos control.     

Mining compressed frequent subtrees set

The number of frequent subtrees usually grows exponentially with the tree size because of combinatorial explosion. As a result, there are too many frequent subtrees for users to manage and use. To solve this problem, we generalize a compressed frame based on δ-cluster to the problem of compressing frequent-subtree sets, and propose an algorithm RPTlocal which can mine compressed frequent subtrees set directly. This algorithm sacrifices the theoretical bounds but still has good compression quality. By pruning the search space and generating frequent subtrees directly, this algorithm is also efficient. Experiment result shows the representative subtrees mining by RPTlocal is almost two orders of magnitude less than the whole collection of the closed subtrees, and is more efficient than CMtreeMiner, the algorithm for mining both closed and Maximal frequent subtrees. Foundation item: Supported by the National Natural Science Foundation of China (70371015)     

A New Watermarking Protocol against Conspiracy

A trusted third party introduced in watermarking protocols would decrease the security and affect the implementation of the protocols. In this paper, a new watermarking protocol with an un-trusted third party （UTTP） was proposed. Based on the idea of all-or-nothing disclosure of secret （ANDOS）, all of the buyer, the seller and the third party didn＇t know the exact watermark, which was embedded in a digital content for tracing piracy. The proposed protocol provided mechanisms to trace piracy and protect customer＇s right. In addition, the problem that a seller colluded with UTTP to frame the buyer, namely, the conspiracy problem, could be avoided.     

Web Voice Browser Based on an ISLPC Text.to.Speech Algorithm

A kind of Web voice browser based on improved synchronous linear predictive coding （ISLPC） and Text-toSpeech （TTS） algorithm and Internet application was proposed. The paper analyzes the features of TTS system with ISLPC speech synthesis and discusses the design and implementation of ISLPC TTS-based Web voice browser. The browser integrates Web technology, Chinese information processing, artificial intelligence and the key technology of Chinese ISLPC speech synthesis. It＇s a visual and audible web browser that can improve information precision for network users. The evaluation results show that ISLPC-based TTS model has a better performance than other browsers in voice quality and capability of identifying Chinese characters.     

Specification and Verification for Semi-Structured Data

Tree logic, inherited from ambient logic, is introduced as the formal foundation of related programming language and type systems, In this paper, we introduce recursion into such logic system, which can describe the tree data more dearly and concisely. By making a distinction between proposition and predicate, a concise semantics interpretation for our modal logic is given. We also develop a model checking algorithm for the logic without △ operator. The correctness of the algorithm is shown. Such work can be seen as the basis of the semi-structured data processing language and more flexible type system.     

Applying evolutionary algorithm to public key cryptosystems

A best algorithm generated scheme is proposed in the paper by making use of the thought of evolutionary algorithm, which can generate dynamically the best algorithm of generating primes in RSA cryptography under different conditions. Taking into account the factors of time, space and security integrated, this scheme possessed strong practicability. The paper also proposed a model of multi-degree parallel evolutionary algorithm to evaluate synthetically the efficiency and security of the public key cryptography. The model contributes to designing public key cryptography system too. Foundation item: Supported by the Hi-Tech Research and Development Foundation item: Supported by the Hi-Tech Research and Development Biography; Tu Hang (1975-), male, Ph. D candidate, research directions: Biography; Tu Hang (1975-), male, Ph. D candidate, research directions:     

A Robust IP Packets Filtering Mechanism for Protecting Web Server from DDoS Attacks

Distributed denial of service （DDoS） attacks exploit the availability of Web servers, resulting in the severe loss of their connectivity. We present a robust IP packets filtering mechanism which combines the detection and filtering engine together to protect Web Servers from DDoS Attacks. The mechanism can detect DDoS attacks by inspecting inbound packets with an IP address database, and filter out lower priority IP addresses to preserve the connection for valid users by monitoring the queues status. We use the Netfilter＇s technique, a framework inside the Linux 2.4. X, to implement it on a Web server. Also, we evaluate this mechanism and analyze the influence of some important parameters on system performance. The experimental results show that this mechanism is effective against DDoS attacks.     

Trustworthiness Technologies of DDSS

The most significant strategic development in information technology over the past years has been ＂trusted computing＂ and trusted computers have been produced. In this paper trusted mechanisms adopted by PC is imported into distributed system, such as chain of trust, trusted root and so on. Based on distributed database server system （DDSS）, a novel model of trusted distributed database server system （TDDSS） is presented ultimately. In TDDSS role-based access control, two-level of logs and other technologies are adopted to ensure the trustworthiness of the system.     

Describing Service-Oriented Architecture by Extended Darwin

Describing Service-Oriented Architecture （SOA） is critical in the development of Web based system, in this paper, an approach for describing SOA by extended Darwin is proposed. The requirements for describing SOA, which are different from that of ordinary architecture, are highlighted firstly, and then a solution for extending Darwin is presented. Using the extended Darwin, service components and connectors can be described explicit by the extended construct, as well as precise operational semantics of SOA by the π-calculus. Finally an example of supply-chain management system is given for manifesting the effect of the extended Darwin.     

BloomRouter： A Framework for Dissemination of Compressed XML Stream

As our best knowledge, in the Publish/Subscribe application environment, few research work has been done on the dissemination and routing of compressed XML （extended markup language） data. A high-speed compressed XML data routing and dissemination framework BloomRouter is proposed. In BloomRouter, a Bloom Filter based prefilte ring mechanism is used to filter out compressed XML elements that users do not care; after that an interval tree dis seminator forwards target elements to the corresponding end users by matching the incomming compressed XML elements with indexed users＇ query regions. Based on this framework, we can efficiently filter/query the compressed incoming XML data, and then route the query result to the corresponding subseriber.     

A protocol for fair electronic purchase based on concurrent signatures

E-commerce protocols for the electronic purchase of goods are difficult to design and implement due to their complexity and high security demands. Fairness of such protocols in literature highly depends on an additional TTP（trusted third party）. However, it is difficult to find such a TTP in some situations. In addition, fairness for customers has been neither fully considered nor well satisfied in existing electronic purchasing protocols. In this paper, a new protocol FEP （fair electronic purchase） without a special TTP but an online bank is presented based on a concurrent digital signature scheme. The FEP protocol guarantees fair electronic purchase of goods via electronic payment between consumers, merchants and their online banks. The protocol is practical and the analysis based on the game logics shows that it achieves the properties of viability, fairness, and timeliness.     

A Scalable Intrusion Detection System for IPv6

0 IntroductionIPv6 ,as a new, widely available version of Internet proto-col , contains numerous features that make it attractivefroma securitystandpoint[1].IPv6is not a panaceafor securi-ty,though, because the basic mechanisms for transportingpackets across the network stay mostly unchanged,and theupper-layer protocols that transport the actual application dataare mostly unaffected.IPv6 is usually deployed without cryp-tographic protections of any kind in real environment[2].So,IPv6 securi…     

Privacy-preserving trust negotiation with hidden credentials and hidden policies in a multi-party environment

Until now, there are numerous protocols that can achieve privacy-preserving trust negotiation between two parties involved, but there is no effective privacy-preserving trust negotiation schemes proposed between multi-users. In this paper, a privacy-preserving trust negotiation scheme with multi-parties is proposed, which can protect their credentials and access control policies during the procedure for establishing the trust between multi-strangers, and its privacy-preserving ability also is proved. These works extend the trust negotiation mechanism to multi-users, which can be thought as a substantial extension of the state-of-the-art in privacy-preserving trust negotiations between two parties involved.