Energy efficient node-to-node authentication and communication confidentiality in wireless sensor networks

A distributed Wireless Sensor Network (WSN) is a collection of low-end devices with wireless message exchange capabilities. Due to the scarcity of hardware resources, the lack of network infrastructures, and the threats to security, implementing secure pair-wise communications among any pair of sensors is a challenging problem in distributed WSNs. In particular, memory and energy consumption as well as resilience to sensor physical compromise are the most stringent requirements. In this paper, we introduce a new threat model to communications confidentiality in WSNs, the smart attacker model. Under this new, more realistic model, the security features of previously proposed schemes decrease drastically. We then describe a novel pseudo-random key pre-deployment strategy ESP that combines all the following properties: (a) it supports an energy-efficient key discovery phase requiring no communications; (b) it provides node to node authentication; (c) it is highly resistant to the smart attacker.We provide both asymptotic results and extensive simulations of the schemes that are beingproposed. This work was partially funded by the WEB-MINDS project supported by the Italian MIUR under the FIRB program, and by the PRIN 2003 “Web-based Management and Representation of Spatial and Geographic Data” program from the Italian MIUR. Roberto Di Pietro is partially funded by ISTI-CNR, WNLab, Pisa, with a Post-doc grant under the IS-MANET program. Roberto Di Pietro received the Ph.D. in Computer Science from the University of Roma “La Sapienza”, Italy, in 2004. He received the Bs. and Ms. degree in Computer Science from the University of Pisa, Italy, in 1994. Since 1995 he has been working for the technical branch of the Italian Army and the Internal Affairs Ministry. His main research interests include: security for mobile ad hoc and wireless networks, security for distributed systems, secure multicast, applied cryptography and computer forensics. Luigi V. Mancini received the PhD degre in Computer Science from the University of Newcastle upon Tyne, UK, in 1989, and the Laurea degree in Computer Science from the University of Pisa, Italy, in 1983. From 2000, he is a full professor of Computer Science at the Dipartimento di Informatica of the University of Rome “La Sapienza”. Since 1994, he is a visiting research professor of the Center for Secure Information Systems, GMU, Virginia, USA. Currently he is the advisor of six Ph.D students. His current research interests include: computer network and information security, wireless network security, fault-tolerant distributed systems, large-scale peer-to-peer systems, and hard-real-time distributed systems. He published more than 60 scientific papers in international conferences and journals such as: ACM TISSEC, IEEE TKDE, IEEE TPDS, and IEEE TSE. He served in the program committees of several international conferences which include: ACM Conference on Computer and Communication Security, ACM Conference on Conceptual Modeling, ACM Symposium on Access Control Models and Technology, ACM Workshop of Security of Ad-hoc and Sensor Networks, IEEE Securecomm, IEEE Conference on Cluster Computing. He is also the program chair of the first two editions of the IEEE Workshop on Hot Topics in Peer-to-Peer Systems held in 2004 (Volendam, Holand) and in 2005 (San Diego, California). Currently, he is a member of the Scientific Board of the Italian Communication Police force, and the director of the Master degree program in Computer and Network Security of the University of Rome “La Sapienza”, Italy. Alessandro Mei received the Laurea degree in computer science from the University of Pisa, Italy, in 1994, and the PhD degree in mathematics from the University of Trento, Italy, in 1999. In 1998, he was at the Department of EE-Systems of the University of Southern California, Los Angeles, as a visiting scholar for one year. After holding a postdoctoral position at the University of Trento, in 2001 he joined the Faculty of Science of the University of Rome "La Sapienza", Italy, as an assistant professor of computer science. His main research interests include security of distributed systems and networks, algorithms for parallel, distributed, and optical systems and reconfigurable computing. He was presented with the Best Paper Award of the 16th IEEE International Parallel and Distributed Processing Symposium in 2002, the EE-Systems Outstanding Research Paper Award of the University of Southern California for 2000, and the Outstanding Paper Award of the Fifth IEEE/ACM International Conference on High Performance Computing in 1998. He is a member of the ACM and the IEEE and, from 2005, he is an Associate Editor of IEEE Transactions on Computers.     

大数据背景下信息通信网络安全管理策略研究

21世纪以来,信息通信网络技术在我国经济发展、国家建设、提高民生质量等诸多领域上都做出了杰出贡献,也极大地促进了我国信息通信网络技术的发展进步。在快速发展的同时,由于我国网络管理结构建设不够完善,体制不够全面,导致信息网络安全管理工作出现不足,极大地影响了我国网络安全。随着网络技术的进一步发展,我们必须提高信息通信网络安全管理,积极利用大数据技术手段,加强我国信息通信网络建设。     

加强生活中信息安全保护的必要性及对策研究

文章介绍了当前企事业单位在所处的信息环境中面临的信息安全问题及普通民众关心的七个热点问题，论述了在日常生活中对信息进行保护的重要性和必要性，及信息资源网络化对政治、经济、文化带来的深远影响，对国家主权带来的挑战。同时，强调了应合理地协调法律、技术和管理三方面的因素，构建安全的信息系统防范体系。     

Understanding the actual use of open data: Levels of engagement and how they are related

Government agencies at the national, regional and local levels are proposing open data as a strategy to increase transparency, strengthen accountability, and promote economic development, among other goals. However, little is understood about the actual use of open data, particularly how open data portal users engage with open datasets. This study analyzes the actual use of open data with a focus on a specific type of use, namely engagement. It is based on a cross-sectional analysis of web analytic behavioral data, from New York State’s open health data portal, that quantifies users’ engagement with open datasets. Results of an exploratory factor analysis confirm the presence of distinct levels of users’ engagement with open datasets. In addition, a PLS-SEM analysis reveals significant positive relationships between lower and higher levels of engagement, suggesting users’ engagement with open datasets occurs along a continuum, with lower levels of engagement influencing higher levels. Theoretically, this study contributes a new sub-construct (“Engagement”) to the Unified Theory of Acceptance and Use of Technology (UTAUT) theoretical framework to facilitate a more nuanced understanding of actual open data use. Practically, this study contributes novel empirical evidence for users’ engagement with open datasets as well as reliable engagement measures. Insights from this study can inform improvements to open data strategies and portals to facilitate wider engagement with these valuable resources.     

大数据时代背景下高校科研管理系统设计与分析

文章从大数据时代提升高校科研管理水平以及推进高校教育信息化的角度出发,在通过文献调研分析现有科研管理系统的基础上,提出一个基于Web的高校科研信息处理系统的开发方案,系统从结构上可以分为科研门户网站和科研业务管理系统两大部分,拟采用Java EE技术、Spring框架技术、Oracle作为系统后台数据管理软件实现该系统。     

通信测距复合系统中的扩频码捕获研究

在通信测距复合系统中，长序列PN码的快速捕获是一个不可避免的问题。扩频码同步是扩频通信系统中的关键技术，针对传统的捕获方法的缺点，提出一种改进的序列估计的捕获方法，给出系统结构并说明了工作原理。     

化学分析信息系统中数据处理的开发研制

介绍了如何在化学分析中运用Access2000关系型数据库开发应用软件,着重分析了有关标准数据处理的设计原理与实现方法。     

奥巴马和特朗普时期美国网络安全战略体制研究对我国的启示

全球网络安全形势日趋严峻,网络空间已成大国博弈的新战场。通过对美国奥巴马和特朗普时期网络安全战略体制进行研究,希望对我国网络安全战略体制的构建有所启示,从而在网络空间全球治理中赢得更多的话语权。利用历史分析法和文献研究法,分别研究奥巴马和特朗普时期的网络安全战略,从网络安全战略、关键信息基础设施建设、网络安全审查、人才培养四个维度展开研究,进而对美国网络安全管理体制的发展趋势做出研判。研究表明,美国所采取的巩固网络空间安全的政策措施有助于强化网络安全管理,也值得我国在网络空间治理中进行借鉴。     

Future IoT‐enabled threats and vulnerabilities: State of the art,challenges, and future prospects

In the recent era, the security issues affecting the future Internet‐of‐Things (IoT) standards has fascinated noteworthy consideration from numerous research communities. In this view, numerous assessments in the form of surveys were proposed highlighting several future IoT‐centric subjects together with threat modeling, intrusion detection systems (IDS), and various emergent technologies. In contrast, in this article, we have focused exclusively on the emerging IoT‐related vulnerabilities. This article is a multi‐fold survey that emphasizes on understanding the crucial causes of novel vulnerabilities in IoT paradigms and issues in existing research. Initially, we have emphasized on different layers of IoT architecture and highlight various emerging security challenges associated with each layer along with the key issues of different IoT systems. Secondly, we discuss the exploitation, detection, and defense methodologies of IoT malware‐enabled distributed denial of service (DDoS), Sybil, and collusion attack capabilities. We have also discussed numerous state‐of‐the‐art strategies for intrusion detection and methods for IDS setup in future IoT systems. Third, we have presented a brief classification of existing IoT authentication protocols and a comparative analysis of such protocols based on different IoT‐enabled cyber attacks. For conducting a real‐time future IoT research, we have presented some emerging blockchain solutions. We have also discussed a comparative examination of some of the recently developed simulation tools and IoT test beds that are characterized based on different layers of IoT infrastructure. We have also outlined some of the open issues and future research directions and also facilitate the readers with broad classification of existing surveys in this domain that addresses several scopes related to the IoT paradigm. This survey article focuses in enabling IoT‐related research activities by comparing and merging scattered surveys in this domain.     

"标准信息平台"建设的构思

对建立“标准信息平台”的建设思路、平台性能、平台结构、内容管理、数据挖掘、搜索引擎、身份管理、系统安全、数据存储等技术要求提出构思和建议。     

数字化时代信息管理与信息系统专业转型研究

本文旨在研究数字化时代信息管理与信息系统专业的转型问题。通过对专业培养目标和职业发展方向的比较分析,本文首先对数字化时代的信息管理与信息系统专业进行再定位,论证了专业转型的必要性,指明了专业转型的大方向。在此基础上,借鉴成果导向教育的理念,本文重新构建了信息管理与信息系统专业的能力培养体系,并提出学生应具备的信息技术应用能力、商业数据分析能力、IT产品架构能力和管理决策能力。最后,为支撑能力体系的实现,本文进一步对专业课程体系进行了优化,该课程体系由基础能力课程体系、核心能力课程体系、专业方向选修课程体系和实践环节构成。     

Data-centric approaches in the Internet of Vehicles: A systematic review on techniques,open issues,and future directions

The Internet of Vehicles (IoV) is an emerging network of connected vehicles as a branch of dynamic objects in the Internet of Things (IoT) ecosystem. With the rapid development of IoV, real-time data-centric applications would be a significant concern in academia and industry to promote efficiency and realize modern services in such high dynamic networks. In this paper, we aim to present a systematic literature review (SLR) for the IoV networks to investigate the different attitudes in the field of data-centric approaches. This paper systematically categorizes the 48 recent articles on data-driven techniques in the IoV field published from 2017 to March 2022. A complete technical taxonomy is presented for the data-centric approaches in IoV according to the content of current studies. Collected methods are chosen with the SLR process, and they are investigated considering some technical classifications including IoV security, data traffic, vehicular social network, data propagation, energy, and multimedia categories. The achievements, drawbacks, and new findings of studies are carefully investigated for addressing the deficiencies, as well as emphasizing future research direction and open issues of data-driven approaches in IoV.