大数据平台安全防护研究

本文首先明确大数据平台的风险,提出大数据平台安全防护目的及防护体系,提供大数据基础设施、大数据接口、大数据存储、大数据计算处理和平台管理等方面的安全防护措施.     

An efficient chaos‐based 2‐party key agreement protocol with provable security

Key agreement protocol is an important cryptographic primitive, which allows 2 parties to establish a secure session in an open network environment. A various of key agreement protocols were proposed. Nowadays, there still exists some other security flaws waiting to be solved. Owing to reduce the computational and communication costs and improve the security, chaotic map has been studied in‐depth and treated as a good solution. Recently, Liu et al proposed a chaos‐based 2‐party key agreement protocol and demonstrated that it can defend denial‐of‐service attack and replay attack. We found, however, it cannot resist off‐line password‐guessing attack, and it also has some other security flaws. In this paper, we propose an improved chaos‐based 2‐party key agreement protocol. The results prove that the protocol can solve the threats of off‐line password‐guessing attack and other security flaws in the security proof section. What is more, performance analysis shows that the computational cost of the improved protocol is lower than Liu et al protocol.     

Robust security framework for DVB‐RCS satellite networks (RSSN)

Satellites represent a solution for Internet access in locations with no other telecom infrastructures, for example, on high mobility platforms such as planes, ships or high‐speed trains, or for disaster recovery applications. However, due to peculiar characteristics, satellite networks are prone to different security threats. In this paper, we introduce a novel, robust security architecture for securing digital video broadcasting‐return channel via satellite satellite networks, inspired by the robust security mechanism available in the Institute of Electrical and Electronic Engineers (IEEE) 802.11i wireless local area network. We propose an efficient authentication and key management mechanism, which is exploited through three round‐trips only, demonstrating that it is as secure as IEEE 802.11i. Furthermore, the simulation results show that the proposed security framework needs a very small data overhead and shows better performance than internet protocol security (IPSec), which is commonly used as an end‐to‐end security solution over internet protocol satellite networks. Copyright © 2015 John Wiley & Sons, Ltd.     

Salient object detection via boosting object-level distinctiveness and saliency refinement

Many salient object detection approaches share the common drawback that they cannot uniformly highlight heterogeneous regions of salient objects, and thus, parts of the salient objects are not discriminated from background regions in a saliency map. In this paper, we focus on this drawback and accordingly propose a novel algorithm that more uniformly highlights the entire salient object as compared to many approaches. Our method consists of two stages: boosting the object-level distinctiveness and saliency refinement. In the first stage, a coarse object-level saliency map is generated based on boosting the distinctiveness of the object proposals in the test images, using a set of object-level features and the Modest AdaBoost algorithm. In the second stage, several saliency refinement steps are executed to obtain a final saliency map in which the boundaries of salient objects are preserved. Quantitative and qualitative comparisons with state-of-the-art approaches demonstrate the superior performance of our approach.     

Performance study of hybrid decode–amplify–forward (HDAF) relaying scheme for physical layer security in wireless cooperative network

In this paper, the secrecy performance and power allocation of the signal‐to‐noise ratio‐based hybrid decode–amplify–forward (HDAF) relaying protocol in wireless cooperative network are investigated to get security at physical layer. The performance metrics considered are secrecy rate and intercept probability. The Ergodic secrecy rate is approximated theoretically. The effect of relay and eavesdropper locations on the secrecy performance of the system is analyzed. It is found that maximum secrecy rate is obtained for the relay close‐to‐destination case and minimum for the relay close‐to‐eavesdropper case. Jamming schemes are superior in secrecy rate performance than without jamming schemes. To enhance the secrecy rate further with the optimized relay and jammer powers, invasive weed optimization (IWO) algorithm‐based power allocation is proposed. Here, maximizing the secrecy rate is defined as the cost function for the proposed IWO algorithm‐based power allocation. Comparative study is done over the conventional equal and proposed power allocation schemes for validation. The proposed power allocation scheme proved to be superior. Copyright © 2016 John Wiley & Sons, Ltd.     

A secure mutual authentication scheme with non‐repudiation for vehicular ad hoc networks

Vehicular ad hoc networks (VANETs) have been a research focus in recent years. VANETs are not only used to enhance the road safety and reduce the traffic accidents earlier but also conducted more researches in network value‐added service. As a result, the security requirements of vehicle communication are given more attention. In order to prevent the security threat of VANETs, the security requirements, such as the message integrity, availability, and confidentiality are needed to be guaranteed further. Therefore, a secured and efficient verification scheme for VANETs is proposed to satisfy these requirements and reduce the computational cost by combining the asymmetric and symmetric cryptology, certificate, digital signature, and session key update mechanism. In addition, our proposed scheme can resist malicious attacks or prevent illegal users' access via security and performance analysis. In summary, the proposed scheme is proved to achieve the requirements of resist known attacks, non‐repudiation, authentication, availability, integrity, and confidentiality. Copyright © 2015 John Wiley & Sons, Ltd.     

An efficient EAP‐based proxy signature handover authentication scheme for WRANs over TV white space

The wireless regional area networks (WRANs) operates in the very high frequency and ultra high frequency television white space bands regulated by the IEEE 802.22 standard. The IEEE 802.22 standard supports Extensible Authentication Protocol (EAP)‐based authentication scheme. Due to the participation of a server and the information exchanged between a customer primes equipment and the secondary user base station, it takes around 50 ms to complete a complete EAP authentication that cannot be accepted in a handover procedure in WRANs. In this paper, we propose an EAP‐based proxy signature (EPS) handover authentication scheme for WRANs. The customer primes equipment and secondary user base station accomplish a handover authentication without entailing the server by using the proxy signature. Approved by the logic derivation by Burrows, Abadi, and Needham logic and formal verification by Automated Validation of Internet Security Protocols and Applications, we can conclude that the proposed EPS scheme can obtain mutual authentication and hold the key secrecy with a strong antiattack ability. Additionally, the performance of the EPS scheme in terms of the authentication delay has been investigated by simulation experiments with the results showing that the EPS scheme is much more efficient in terms of low computation delay and less communication resources required than the security scheme regulated in IEEE 802.22 standard.