中美贸易与我国经济增长关系研究

应用逐步回归的方法,研究了中美贸易与中国经济增长的关系,并提出了政策建议。     

一种适合于分布式虚拟环境的兴趣管理方法

为了有效地降低分布式虚拟环境的网络通信量，提出了一种可扩展的兴趣管理方法．该方法采用基于表达式的兴趣表示模型，引入了兴趣度的概念，根据发布一订购模式的过滤机制，实现对信息接收和发送的精度和频率的控制．基于自主开发的分布式虚拟环境原型系统AIMNET的运行结果表明，该方法可以根据对象间的不同兴趣度控制通讯细节，减少了不必要的网络通讯，从而减轻系统的网络负载，进一步提高分布式虚拟环境的可扩展性．     

Security Architecture of Trusted Virtual Machine Monitor for Trusted Computing

With analysis of limitations Trusted Computing Group （TCG） has encountered, we argued that virtual machine monitor （VMM） is the appropriate architecture for implementing TCG specification. Putting together the VMM architecture, TCG hardware and application-oriented ＂thin＂ virtual machine （VM）, Trusted VMM-based security architecture is present in this paper with the character of reduced and distributed trusted computing base （TCB）. It provides isolation and integrity guarantees based on which general security requirements can be satisfied.     

Provable Efficient Certificateless Group Key Exchange Protocol

Certificateless public key cryptography （CL-PKC） avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.     

Escrow-Free Certificate-Based Authenticated Key Agreement Protocol from Pairings

Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement （CB-AK） protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart＇s protocol.     

Improved Non-Sieving Quadratic Sieve

In this paper, we give about prime numbers and Blum two theorems and one guess integers.We prove the two theorems about Blum integers.Combining the guess with the primitive non-sieving quadratic sieve,we proposed a improved non-sieving quadratic sieve（INQS）.In INQS,we not only reduce the times of squares and modulo n, but also imply another important conclusion,that is,we don＇t need to find the greatest common divisor of two integers as we do in PNQS.By some examples,we compare it with the primitive non-sieving quadratic sieve（PNQS）. It＇s faster to factor a integer by using improved non-sieving quadratic sieve than the primitive one.     

A Weighted Algorithm for Watermarking Relational Databases

0 Introduction Watermarking relational database become a hotspot in recent years, it aims to protect copyrights by intro- ducing small errors into the original content without af- fecting the usability for intended purpose. Although some pioneer efforts h…     

A Method to Implement Full Anonymous Attestation for Trusted Computing Platform

Trusted computing （TC） technology is brought out by trusted computing group （TCG） to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform＇s real identity, which are Privacy CA-based protocol and direct anonymous attestation （DAA） protocol. However, in the first protocol the privacy CA is the bottleneck and the platform＇s identity will be disclosed if the privacy CA is compromise, while DAA protocol can do profiling when dealing with rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal rogue TPM＇s real identity.     

An Authentication Method of Distinguishing Proxy＇s Secure Accident Responsibility

The publish/subscribe （pub/sub） paradigm has asynchronous, loosely-coupled and many-to-many communication properties and is widely used in the application of large-scale distributed computing environment. There is the problem that is mutual trustable between network proxies in terms of pub/sub systems and the problem which is hardly to distinguish accident responsibility while the accident happens in Kerberos based on symmetrical encryption algorithm. A proxy identity authentication algorithm based on RSA encryption is proposed to solve the problem of mutual trust between proxies, and the security of the messages is guaranteed through certificate delegation. The algorithm can distinguish accident responsibility. The feasibility analysis, security analysis and efficiency analysis of the algorithm are carried out.     

Intrusion Detection Method for Program Vulnerability via Library Calls

Library function call sequence is the direct reflection of a program＇s behavior. The relationship between program vulnerability and library calls is analyzed, and an intrusion detection method via library calls is proposed, in which the short sequences of library call are used as signature profile. In this intrusion detection method, library interposition is used to hook library calls, and with the discussion of the features of the library call sequence in detail, an algorithm based on information-theory is applied to determine the appropriate length of the library call sequence. Experiments show good performance of our method against intrusions caused by the popular program vulnerabilities.