Performance of PKI-based security mechanisms in mobile ad hoc networks

Security for ad hoc network environments has received a lot of attention as of today. Previous work has mainly been focussing on secure routing, fairness issues, and malicious node detection. However, the issue of introducing and conserving trust relationships has received considerably less attention. In this article, we present a scalable method for the use of public key certificates and their revocation in mobile ad hoc networks (MANETs). With the LKN-ad hoc security framework (LKN-ASF) a certificate management protocol has been introduced, bringing PKI technology to MANETs. In addition a performance analysis of two different revocation approaches for MANETs will be presented.     

银行UPS供电系统可靠性方案探析

本文从银行UPS供电系统总体设计、UPS设备选型主要考虑参数、冗余方式选择、UPS系统的安装、维护等方面进行综合考虑 ,论述提高银行UPS供电系统的可靠性、稳定性的方法 ,以期保障银行业务分分秒秒不间断进行     

双逻辑访问控制改进模型的研究和实现

文章提出了针对“整合分级的RBAC访问控制”系统的改进模型。新模型充分发挥了基于角色和分级两套访问控制逻辑的优点,并通过引入XACML,有效地实现了策略管理和访问判决的标准化、统一化,在角色定义的基础上实现了两种逻辑的无缝整合。     

无线视频监控系统中的安全机制研究

无线视频监控系统的安全不能单纯依靠加密来保证,从信息系统安全体系的角度,对无线视频监控系统的安全进行了分析,并对系统中主要应用的鉴权、密钥管理、空中接口加密、端到端加密等安全机制进行了重点研究。     

基于ATL的公平电子商务协议形式化分析

针对传统时序逻辑LTL,CTL及CTL*等把协议看成封闭系统进行分析的缺点,Kremer博士(2003)提出用一种基于博弈的ATL(Alternating-time Temporal Logic)方法分析公平电子商务协议并对几个典型的协议进行了公平性等方面的形式化分析。本文讨论了ATL逻辑及其在电子商务协议形式化分析中的应用,进一步扩展了Kremer博士的方法,使之在考虑公平性等特性的同时能够分析协议的安全性。最后本文用新方法对Zhou等人(1999)提出的 ZDB协议进行了严格的形式化分析,结果发现该协议在非保密通道下存在两个可能的攻击：保密信息泄露和重放攻击。     

Analyzing the effect of the inventory policy on order and inventory variability with linear control theory

In this paper we apply linear control theory to study the effect of various inventory policies on order and inventory variability, which are key drivers of supply chain performance. In particular, we study a two-echelon supply chain with a stationary demand pattern under the influence of three inventory policies: an inventory-on-hand policy that bases orders on the visible inventory at an installation, an installation-stock policy that bases orders on the inventory position (on-hand plus on-order inventory) at an installation, and an echelon-stock policy that bases orders on the inventory position at that installation and all downstream installations. We prove analytically that the inventory-on-hand policy is unstable in practical settings, confirming analytically what has been observed in experimental settings and in practice. We also prove that the installation-stock and echelon-stock policies are stable and analyze their effect on order and inventory fluctuation. Specifically, we show the general superiority of the echelon-stock in our setting and demonstrate analytically the effect of forecasting parameters on order and inventory fluctuations, confirming the results in other research.     

网络安全策略分析

网络安全策略是建立网络系统安全的指导原则。介绍了计算机网络当前所面临的安全威胁，对网络安全策略做了分析。     

下一代接入网发展及政府的角色

经受了全球金融危机的冲击,各国尤其是发达国家都非常重视宽带的发展。同时,危机也重新唤起了人们对政府有效监管的重视,对国家适时进行干预的必要性有了更加明确的认识。目前来看,FTTx是未来宽带接入的重要技术选择,也是经济增长的热点。政府则会通过直接和间接资金投入以及政策和措施等各种方式,对宽带发展进行资助和扶持。     

基于Web的图书馆管理系统访问控制策略

针对基于Web的图书馆管理系统资源访问控制的动态性问题，提出了一种基于角色的访问控制策略描述方案．通过对基于Web的图书馆管理系统访问控制管理影响因素和访问控制需求的分析，结合NIST基于角色的访问控制统一模型标准，构造了一种基于角色的访问控制元模型．并在这一元模型的基础上，提出了一种紧凑的基于角色的访问控制XML策略描述语言框架．结果表明该访问控制策略描述语言框架适合表述动态环境下对图书馆资源的访问策略，提高了基于Web的图书馆管理系统资源访问的安全性．     

入侵检测系统:原理、入侵隐藏与对策

入侵行为给基于网络的计算机信息系统的安全带来巨大威胁，入侵检测系统（IDS，Intrusion Detection System）作为重要的安全工具而成为研究的热点。文章首先介绍IDS的基本概念和组成，研究各类IDS的工作原理及其优缺点，然后分析当前难以对付的几种隐藏入侵迹象，逃避IDS检测的方法，并进一步探讨相应的对策，对IDS今后的发展方向提出了看法。