An Improved Model of Attack Probability Prediction System

This paper presents a novel probability generation algorithm to predict attacks from an insider who exploits known system vulnerabilities through executing authorized operations. It is different from most intrusion detection systems （IDSs） because these IDSs are inefficient to resolve threat from authorized insiders. To deter cracker activities, this paper introduces an improved structure of augmented attack tree and a notion of ＂minimal attack tree＂, and proposes a new generation algorithm of minimal attack tree. We can provide a quantitative approach to help system administrators make sound decision.     

The k-Error Linear Complexity and the Linear Complexity for pq^n-Periodic Binary Sequences

The k-error linear complexity and the linear complexity of the keystream of a stream cipher are two important standards to scale the randomness of the key stream. For a pq^n-periodic binary sequences where p, q are two odd primes satisfying that 2 is a primitive root module p and q^2 and gcd（p-1, q-1） = 2, we analyze the relationship between the linear complexity and the minimum value k for which the k-error linear complexity is strictly less than the linear complexity.     

A New Watermarking Protocol against Conspiracy

A trusted third party introduced in watermarking protocols would decrease the security and affect the implementation of the protocols. In this paper, a new watermarking protocol with an un-trusted third party （UTTP） was proposed. Based on the idea of all-or-nothing disclosure of secret （ANDOS）, all of the buyer, the seller and the third party didn＇t know the exact watermark, which was embedded in a digital content for tracing piracy. The proposed protocol provided mechanisms to trace piracy and protect customer＇s right. In addition, the problem that a seller colluded with UTTP to frame the buyer, namely, the conspiracy problem, could be avoided.     

A Partially Non-Cryptographic Security Routing Protocol in Mobile Ad Hoc Networks

In this paper, we propose a partially non-cryptographic security routing protocol （PNCSR） that protects both routing and data forwarding operations through the same reactive approach. PNCSR only apply public-key cryptographic system in managing token, but it doesn＇t utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.     

An Efficient Secure Real-Time Concurrency Control Protocol

0 IntroductionThe real-ti me database system(RTDBS) is usually ap-pliedto the safety-critical applications .Inthese applica-tions,besides the ti ming constraints ,it is essential to preventunlawful information flows between different transactions .The traditional real-ti me concurrency protocols such as two-phase locking high priority (2PL-HP)[1], priority ceiling(PC)[2], OPT-WAIT[3], OPT-SACRIFICE[4], etc ., con-centrate on how to mini mize the missing deadlines ratio oftransactio…     

三基于企业网的VPN应用方案

分析了虚拟专用网技术的原理,针对企业网实际运行中出现的问题,提出了一种基于企业网的VPN应用方案,将VPN技术应用于基于公共互联网构架的企业网,较好的解决了企业网多办公地点、远程访问、远程管理等问题.     

具有大2-adic与k错2-adic复杂度的周期序列

在密码学的流密码理论当中,2-adic复杂度、k错2-adic复杂度类似于其它复杂度测度,同样要具有较大的数值.文中借助数论中的中国剩余定理等相关理论研究了二元序列的2-adic复杂度与线性复杂度的关系,证明了具有最大2-adic复杂度以及较大k错2-adic复杂度的N周期序列的存在性,给出了具有这种性质的周期序列的数目的下界.以此种周期序列作为密钥流序列可以有效地抵抗穷举攻击.     

指纹识别式鼠标

该产品开发的目的是将具有唯一性、稳定性的人体生物特征如指纹等用于计算机用户的身份识别，以加强存储在计算机中重要信息的安全。其核心是现场采集的指纹特征与已登记、存储在计算机中的指纹通过可靠的匹配算法，进行一比一的对比来验证用户身份。根据鼠标内部较大空间、贴片式指纹识别芯片及微处理器体积很小的特点，将三者集成为集鼠标与用户身份识别功能于一体的“指纹识别式鼠标”，既方便快捷、又唯一可靠。其开发主要包括硬件设备及驱动程序、系统应用软件、网络安全认证中心建立等。     

分布式系统中服务可生存性的定量分析

随着关键性基础设施对分布式计算系统依赖程度的增高，人们对分布式系统的可生存性要求也日益增高，基于配置的概念，将分布式系统视作层次化的结构，在该层次化的结构中，定义了系统与配置。服务的关系，给出了比较服务可生存性大小的充分条件，描述了系统状态并定义了系统服务间的依赖关系。然后，借助于传统容错方法中与或树概念，将服务用与或结构表示，从而给出了一种服务可生存性的定量表达方法。     

网络安全与防火墙技术

随着人们对Internet依赖度的加深，网络信息安全问题日益成为人们关注和重视的焦点，防火墙技术是Internet上广泛应用的重要安全技术。本文较全面地介绍了防火墙技术的现状及发展动态。