网络管理协议并发性能测试研究

网络管理协议并发处理性能直接决定了网络应用系统的管理能力,我们在实际网络管理协议并发性能测试实践的基础上,对并发性能测试分析、测试方法和测试数据分析等方面进行总结,形成可借鉴的并发测试实施思路和方法。     

浅谈大数据风险与应对策略

<正>大数据应用通过分布式索引把全部索引数据水平切分后存储到多个节点上,这为黑客发起攻击提供了更多机会,利用大数据,黑客可以扩大攻击效果。大数据的低密度性使得现有的安全分析工具很难聚焦在关键点上,因此,大数据的安全保护面临着更多威胁。1.主要安全威胁(1)基本威胁基本威胁包括:1信息泄露,主要指大数据中的部分或全部信息被透露给某个未被授权的用户、软件或实体;2完整性破坏,由于非授权的增加、删除和修改等操作,大数据中的部分信息丢失,完整性遭到破坏;3拒绝服务,     

MTBAC： A Mutual Trust Based Access Control Model in Cloud Computing

As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which faced with serious security challenges, however. Access control is one of the most important measures to ensure the security of cloud computing. But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In cloud computing environment, only when the security and reliability of both interaction parties are ensured, data security can be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment. Combining with Trust Management（TM）, a mutual trust based access control （MTBAC） model is proposed in this paper. MTBAC model take both user＇s behavior trust and cloud services node＇s credibility into consideration. Trust relationships between users and cloud service nodes are established by mutual trust mechanism. Security problems of access control are solved by implementing MTBAC model into cloud computing environment. Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.     

Attribute Based DRM Scheme with Dynamic Usage Control in Cloud Computing

In order to achieve fine-grained access control in cloud computing, existing digital rights management （DRM） schemes adopt attribute-based encryption as the main encryption primitive. However, these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud. In this paper, we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing. We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption. Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content. The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users, and also enables the license server to implement immediate attribute and user revocation. Moreover, our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption, which allows the license server in the cloud to update the users＇ usage rights dynamically without disclosing the plaintext. Extensive analytical results indicate that our proposed scheme is secure and efficient.     

脑机接口技术中安全高效的属性基访问控制

随着脑机接口技术(Brain-Computer Interface, BCI)在新兴医疗健康监测领域的广泛应用,其受到的安全威胁越来越多,导致其隐私保护问题受到了关注。该文针对BCI应用中的隐私保护问题提出一种通信模型,并为其设计了一种基于密文策略的属性基(Ciphertext-Policy Attribute Based Encryption, CP-ABE)访问控制方案,利用代理重加密技术实现细粒度的属性撤销。经分析表明,方案有效地解决了BCI模型中敏感数据的隐私保护问题,并且在能量损耗及通信计算开销等性能评估中表现优异。     

分布式认证智能电网访问控制模型的研究

为实现智能电网数据的安全汇总和访问控制的有效结合,在同态加密的基础上,结合陷门秘密分享技术,提出一种基于多方认证的智能电网访问控制方案。通过对智能电表中数据密文进行同态加密处理,保证数据从智能电表到变电站传输过程的安全,同时对汇总的密文数据进行属性化,可实现对数据访问者的多方认证访问控制。实验数据结果表明,该方案具有可行性和实用性。     

无线Mesh网络速率自适应算法研究

自适应速率选择是影响无线Mesh网性能的关键问题。提出了一种基于动态解调门限的速率自适应选择算法,该算法通过统计传输速率进行速率选择,能够针对不同信道环境对每种调制速率所需最小信噪比门限进行自动调整。同时,采用跨层设计思想,采用路由协议广播报文作为MESH设备间传输信噪比信息的载体,从而能够根据信噪比和传输成功率信息得到信道环境下的最佳发送速率。实际测试结果表明,所提算法能够在较短时间内选择出最佳速率,而且具有较低的抖动和稳定的吞吐量。     

D-PRMA：一种新的无线Ad Hoc网络资源预留MAC机制

支持资源预留的介质访问控制(MAC)机制是无线ad hoc网络提供服务质量保证的关键.本文在分析分组预留多址接入(PRMA)的基础上,给出了一种新的支持资源预留的无线ad hoc网络MAC机制:分布式PRMA(D-PRMA).D-PRMA的主要特点是分布式的,这适合无线ad hoc网络无中心的特点,同时,D-PRMA具有很短的碰撞持续时间,支持不同速率的实时业务,避免了对分组的分片和重组.通过仿真,本文进一步分析了D-PRMA的性能,仿真结果表明D-PRMA能保证实时业务的带宽和时延.     

一种高效低时延的宽带电力线通信网多跳MAC协议

针对IEEE1901.1宽带电力线通信媒体接入控制(Medium Access Control,MAC)协议涉及到信标时隙利用不充分和控制开销过大等问题,提出了一种高效低时延的宽带电力线通信网多跳MAC协议(Efficient and Low Delay Multi-hop MAC,ELDM-MAC).采用基于节点层级...