一种基于B/S架构的安全数据下载方法研究

文章探讨了一种基于B/S架构系统的安全数据下载方法,并比较了几种可行方案的优缺点,从而说明了文中提出的"下载即删除"的安全数据处理方法可从根本上保证文件下载的安全性。但是,由于浏览器自身功能的限制使得该方法无法直接实现。为此,文章设计了一种流文件传输的变通方案,更好地实现了文中所提出的安全数据处理方法。目前,该方法已在某市住房公积金管理系统中得到应用,并取得了良好效果。     

Quantum secure direct communication and authentication protocol with single photons

A quantum secure direct communication and authentication protocol is proposed by using single photons. An information transmission is completed by sending photons once in quantum channel, which improves the efficiency without losing the security. The protocol encodes identity-string of the receiver as single photons sequence, which acts as detection sequence and implements authentication. Before secret message is encoded as single photons sequence, it is encrypted with identity-string of the sender by using XOR operation, which defends quantum teleportation attack efficiently. The base identity-strings of the sender and the re- ceiver are reused unconditionally secure even in noisy channel. Compared with the protocol proposed by Wang et al. （Phys Lett A, 2006, 358： 256--258）, the protocol in this study sends photons once in one transmission and defends most attacks including ＇man-in-the-middle＇ attack and quantum teleportation attack efficiently.     

TeraPELB:云计算中基于预测的弹性负载均衡算法

现代负载均衡已经成为云计算中虚拟资源管理和调度的核心.针对现有云计算弹性负载均衡存在的不足,提出了一种基于预测的弹性负载均衡资源管理算法(TeraPELB),不仅能更加灵活她动态调配资源,而且支持基于负载的趋势预测.理论分析和仿真实验表明,随着网络员载的变动,TeraPELB算法能根据负载变化情况动态地调整后端服务器集群的处理能力,解决了从云中申请虚拟机具有延迟性而导致迟滞甚至无法满足用户请求的问题,相较于传统的弹性员载均衡算法效果更好.     

使用三维栅格地图的移动机器人路径规划

针对移动机器人使用三维地图进行路径规划的问题,研究了使用三维栅格地图的路径规划算法.该算法将装载三维激光扫描仪的移动机器人得到的三维点云转换成为八叉树结构的三维栅格地图;扩展了D*算法使之考虑机器人的尺寸,检测每种位姿状态下是否与环境发生碰撞,生成多条可行路径可以在栅格地图中直接生成机器人的运动轨迹,保证运动过程中机器人自身及物体的安全.实验结果表明:该算法不需要对地图具有先验认识,并且考虑了机器人的实际尺寸,具有较强的可靠性和实用性,已经在真实环境中进行了实验.     

生态安全格局模式下的小城镇生态环环境整治规划——以石门县为例

运用评价模型对小城镇生态安全问题进行了深度剖析,提出了保护生物、保护农田、保护文化遗产和加强生态基础设施建设等方法,解决小城镇生态安全问题,改善生态安全问题对人们生活的影响和生命健康的威胁,构建健康的生态系统,实现生态安全格局的建立.     

RISE: A RelIable and SEcure Scheme for Wireless Machine to Machine Communications

Wireless Machine to Machine (M2M) communications enable ubiquitous sensing, controlling, and acting via sensors, actuators, and actors. Reliability and security are of foremost importance in wireless M2M systems. A simple, target distinguishing attack can result in M2M’s failure. This paper presents a RelIable and SEcure scheme, RISE, which is a package of policies that guarantee the reliability of data (including sensor reports and actuator instructions) and devices (including sensors, actuators, and actors). The data reliability is improved by four algorithms, ChooseMedian, ChooseMost, ChooseNearest, and Trust-based Enhancement. Report attainability is improved via m repeat-sending and n multiple-reporting algorithms. Device reliability is guaranteed by device-indistinguishability, which comprises data-indistinguishability and behavior-indistinguishability. The security requirements are formally defined, and the security analysis proves the soundness and completeness of the scheme.     

Cloud Computing-Based Forensic Analysis for Collaborative Network Security Management System

Internet security problems remain a major challenge with many security concerns such as Internet worms, spam, and phishing attacks. Botnets, well-organized distributed network attacks, consist of a large number of bots that generate huge volumes of spam or launch Distributed Denial of Service (DDoS) attacks on victim hosts. New emerging botnet attacks degrade the status of Internet security further. To address these problems, a practical collaborative network security management system is proposed with an effective collaborative Unified Threat Management (UTM) and traffic probers. A distributed security overlay network with a centralized security center leverages a peer-to-peer communication protocol used in the UTMs collaborative module and connects them virtually to exchange network events and security rules. Security functions for the UTM are retrofitted to share security rules. In this paper, we propose a design and implementation of a cloud-based security center for network security forensic analysis. We propose using cloud storage to keep collected traffic data and then processing it with cloud computing platforms to find the malicious attacks. As a practical example, phishing attack forensic analysis is presented and the required computing and storage resources are evaluated based on real trace data. The cloud-based security center can instruct each collaborative UTM and prober to collect events and raw traffic, send them back for deep analysis, and generate new security rules. These new security rules are enforced by collaborative UTM and the feedback events of such rules are returned to the security center. By this type of close-loop control, the collaborative network security management system can identify and address new distributed attacks more quickly and effectively.     

基于云计算的健康医疗系统研究

对基于云计算的健康医疗系统进行设计,实现计算、存储、数据等资源的统一管理,将资源池与云计算管理平台分离,提供公众健康服务平台,包括发送健康短信、提供健康评估和专家在线咨询等功能,实现资源共享、节省软硬件资源投入和较为全面的健康医疗服务.     

计算机基础课程中信息系统安全实验专题的设计

计算机基础课程是各专业大学生必修课程,为了培养学生的学习兴趣,提高他们的实际应用能力,在不借助于第三方软件的Windows操作系统环境下,设计了三个信息系统安全实验专题:Windows操作系统安全实验专题、文件系统安全实验专题、防火墙与网络诊断实验专题。