检索结果-内蒙古大学图书馆

Research on the model of the survivable storage system (SSS) and its architecture

Research on the model of the survivable storage system (SSS)...

3rd International Conference on computer Science and Its Applications, CSA 2011 and 2011 FTRA World Convergence Conference, WCC 2011

作者： Yang, Xiao-Yuan Wang, Jing-Jing Chen, Xiao-Feng Key Laboratory of Network and Information Security of CAPF Engineering College of CAPF Xi'an 710086 China Key Laboratory of Computer Networks and Information Security Xidian University Ministry of Education Xi'an 710071 China

ISBN: (纸本)9789400727915

In view of the present inconsistent understanding of the model definition of survivable storage network, a seven-tuple model definition and a kind of architecture of SSS were given, taking the characteristics, such as wide-open style and high intricacy, of the actual network environment into account. In addition, some detailed analysis to the key elements of the model and the modules of the architecture was made separately. Our research can provide guidelines for design and construction of SSS, besides, it can also provide basic methods for evaluating the survivability of a storage system. © 2012 Springer Science+Business Media B.V.

关键词： network architecture

来源：评论

学校读者我要写书评

暂无评论

Application of SS-MVPN technology in mobile network

Application of SS-MVPN technology in mobile network

引用

2012 International Conference on Electrical Insulating Materials and Electrical engineering, EIMEE 2012

作者： Hang, Qiangwei Chen, Bing Hou, Qiang Key Laboratory of Information Network Security Ministry of Public Securitythe 3rd research institute of ministry of public security Shanghai China Dept. of computer engineering of Tongji University Shanghai China

ISBN: (纸本)9783037854518

More and more people are using mobile equipments to access business resources from the organization's internal network, how to ensure the data security in the data transport process of mobile intelligent terminals is becoming an urgent need to address issues. This paper proposes a new solution of mobile VPN which using the SSL to protect the data flow and SOCKS5 proxy technology to redirect flow, and gives the analysis of its performance improvement principles. © (2012) Trans Tech Publications, Switzerland.

关键词： Wireless networks

来源：评论

学校读者我要写书评

暂无评论

Efficient and random oracle-free conditionally anonymous ring signature

Efficient and random oracle-free conditionally anonymous rin...

引用

6th International Conference on Provable security, ProvSec 2012

作者： Zeng, Shengke Qin, Zhiguang Lu, Qing Li, Qinyi School of Computer Science and Engineering University of Electronic Science and Technology of China Chengdu 611731 China Network and Data Security Key Laboratory of Sichuan Province China Shanghai Key Laboratory of Integrate Administration Technologies for Information Security China

ISBN: (纸本)9783642332715

Compared to conventional ring signature schemes, conditionally anonymous ring signatures allow to revoke the anonymity of actual signer without the group manager's help if necessary. When the actual signer intends to confirm his role, it can be proved by a confirmation algorithm. In addition, any user, who is in a ring but not signer, can claim this through a disavowal algorithm. There were several proposals which were proved secure in random oracles. In other words, the security of such schemes depends on the randomness of hash functions. Recently, Zeng et al. proposed a generic construction of conditionally anonymous ring signature scheme without random oracles. Their scheme relies on NIZKs and pseudorandom functions, which render it to be inefficient. This paper proposes a practical ring signature scheme with traceability without random oracles in the common reference string model. © 2012 Springer-Verlag.

关键词： Hash functions

来源：评论

学校读者我要写书评

暂无评论

A measurement study on potential inter-domain routing diversity

引用

IEEE Transactions on network and Service Management 2012年第3期9卷 268-278页

作者： Hu, Chengchen Chen, Kai Chen, Yan Liu, Bin Vasilakos, Athanasios V. MoE Key Laboratory of Intelligent Networks and Network Security Department of Computer Science and Techonolgy Xi'An Jiaotong University Xi'an Shaanxi China Department of Computer Science and Engineering Hong Kong University of Science and Technology Hong Kong Department of Electrical Engineering and Computer Science Northwestern University Evanston IL United States Department of Computer Science and Technology Tsinghua University Beijing China Department of Computer and Telecommunications Engineering University of Western Macedonia GR 50100 Kozani Greece

In response to Internet emergencies, Internet resiliency is investigated directly through an autonomous system (AS) level graph inferred from policy-compliant BGP paths or/and traceroute paths. Due to policy-driven inter-domain routing, the physical connectivity does not necessarily imply network reachability in the AS-level graph, i.e., many physical paths are not visible by the inter-domain routing protocol for connectivity recovery during Internet outages. We call the invisible connectivity at the routing layer, which can be quickly restored for recovering routing failures by simple configurations, as the potential routing diversities. In this paper, we evaluate two kinds of potential routing diversities, which are recognized as Internet eXchange Points (IXPs) participant reconnection and peering policy relaxation. Using the most complete dataset containing AS-level map and IXP participants that we can achieve, we successfully evaluate the ability of potential routing diversity for routing recovery during different kinds of Internet emergencies. Encouragingly, our experimental results show that 40% to 80% of the interrupted network pairs can be recovered on average beyond policy-compliant paths, with rich path diversities and a little traffic shifts. Thus, this paper implies that the potential routing diversities are promising venues to address Internet failures. © 2004-2012 IEEE.

关键词： Recovery

来源：评论

学校读者我要写书评

暂无评论

MUSHI: Toward Multiple Level security cloud with strong Hardware level Isolation

MUSHI: Toward Multiple Level Security cloud with strong Hard...

引用

2012 IEEE Military Communications Conference, MILCOM 2012

作者： Zhang, Ning Li, Ming Lou, Wenjing Hou, Y. Thomas Complex Network and Security Research Laboratory College of Engineering Virginia Tech VA United States Department of Computer Science Utah State University Logan UT United States

ISBN: (纸本)9781467317290

Multiple Level security (MLS) has always been a center of focus since the usage of computers in military and intelligence systems. Extensive studies have been done on how to utilize virtualization technologies to provide multiple level secured execution in the cloud, yet the general assumption is that all components in the cloud service provider are trusted. With the advanced persistent threats currently faced by the military and intelligence community, it is unrealistic to assume complex information systems can remain trustworthy all the time. In this work, we present MUltiple level security cloud with strong Hardware level Isolation (MUSHI), a novel framework that can provide hardware level isolation and protection to individual guest virtual machine (VM) execution. With MUSHI, a user can maintain confidentiality and integrity of her VM in a multicore environment even in the presence of malicious attacks from both within and outside the cloud infrastructure. © 2012 IEEE.

关键词： network security

来源：评论

学校读者我要写书评

暂无评论

Intrusion-resilient identity-based signature: security definition and construction

Intrusion-resilient identity-based signature: Security defin...

引用

作者： Yu, Jia Kong, Fanyu Cheng, Xiangguo Hao, Rong Fan, Jianxi College of Information Engineering Qingdao University 266071 Qingdao China Shandong Provincial Key Laboratory of Computer Network 250014 Jinan China Institute of Network Security Shandong University 250100 Jinan China School of Computer Science and Technology Soochow University 215006 Suzhou China

Traditional identity-based signatures depend on the assumption that secret keys are absolutely secure. Once a secret key is exposed, all signatures associated with this secret key have to be reissued. Therefore, limiting the impact of key exposure in identity-based signature is an important task. In this paper, we propose to integrate the intrusion-resilient security into identity-based signatures to deal with their key exposure problem. Compared with forward-secure identity-based signatures and key-insulated identity-based signatures, our proposal can achieve higher security. The proposed scheme satisfies that signatures in any other time periods are secure even after arbitrarily many compromises of base and signer, as long as the compromises do not happen simultaneously. Furthermore, the intruder cannot generate signatures pertaining to previous time periods, even if she compromises base and signer simultaneously to get all their secret information. The scheme enjoys nice average performance. There are no cost parameters including key setup time, key extract time, base (signer) key update time, base (signer) key refresh time, signing time, verifying time, and signature size, public parameter size, base (signer) storage size having complexity more than O(log T) in terms of the total number of time periods T in this scheme. We also give the security definition of intrusion-resilient identity-based signature scheme and prove that our scheme is secure based on this security definition in the random oracle model assuming CDH problem is hard. © 2011 Elsevier Inc.

关键词： network security

来源：评论

学校读者我要写书评

暂无评论

A comparative study on flood DoS and low-rate DoS attacks

引用

Journal of China Universities of Posts and Telecommunications 2012年第SUPPL. 1期19卷 116-121页

作者： Liu, Xiao-Ming Cheng, Gong Li, Qi Zhang, Miao Information Security Center Beijing University of Posts and Telecommunications Beijing 100876 China National Computer Network Emergency Response Technical Team Coordination Center of China Beijing 100029 China National Engineering Laboratory for Disaster Backup and Recovery Beijing University of Posts and Telecommunications Beijing 100876 China

Denial of service (DoS) attacks is a serious threat for the Internet. DoS attacks can consume memory, computer processing unit (CPU), and network bandwidths and damage or shut down the operation of the resource under attack. In this paper, based on the taxonomy of DoS attacks, two typical types of DoS - flood DoS (FDoS) and low-rate DoS (LDoS) attacks, are studied on their generation principle, mechanism utilization, signature, impacts, and defense mechanisms. Simulation results illustrate that 1) FDoS is easy to be launched but its signature is easy to be detected. 2) LDoS organizes an average small quantity of traffic and it is stealthier. Comparison of LDoS with FDoS shed light on the emerging new features of DoS attacks and can make the detection and defense mechanisms more efficient. © 2012 The Journal of China Universities of Posts and Telecommunications.

关键词： Floods

来源：评论

学校读者我要写书评

暂无评论

Unconditionally secure multi-secret sharing scheme

Unconditionally secure multi-secret sharing scheme

引用

2012 IEEE International Conference on computer Science and Automation engineering, CSAE 2012

作者： Lin, Changlu Harn, Lein School of Mathematics and Computer Science Key Laboratory of Network Security and Cryptology Fujian Normal University Fuzhou 350007 China Department of Computer Science Electrical Engineering University of Missouri Kansas City MO 64110-2499 United States

ISBN: (纸本)9781467300865

In Shamir's (t, n) secret sharing (SS) scheme, a master secrets is divided into n shares by a dealer and is shared among n shareholders in such a way that any t or more than t shares can reconstruct this master secret;but fewer than t shares cannot obtain any information about the master secret s. Although Shamir's scheme is unconditionally secure, it unfortunately requires a large data expansion (i.e., t shares are needed to reclaim one secret). Therefore, Shamir's scheme is inefficient as a conveyor of information. Multi-secret sharing (MSS) scheme, which allows multiple master secrets to be shared among shareholders, has been proposed to improve the efficiency of Shamir's scheme. However, all existing MSS schemes are computationally secure. In this paper, we propose an unconditionally secure MSS scheme based on Shamir's scheme. Our proposed MSS scheme allows each shareholder to keep only one private share and uses it to share t master secrets. © 2012 IEEE.

关键词： Shareholders

来源：评论

学校读者我要写书评

暂无评论

A unified architecture for DPA-resistant PRESENT

A unified architecture for DPA-resistant PRESENT

引用

2012 International Conference on Innovations in Information Technology, IIT 2012

作者： Zhao, Wei Wang, Yi Li, Renfa Embedded System and Network Laboratory Hunan University Changsha Hunan 410082 China Hunan Province Key Laboratory of Network and Information Security Hunan University Changsha Hunan 410082 China College of Information Science and Engineering Hunan University Changsha Hunan 410082 China Department of Electrical and Computer Engineering National University of Singapore Singapore 117576 Singapore

ISBN: (纸本)9781467311014

Recently, there is a new kinds of cryptographic algorithms are proposed to meet the requirements of "lightweight" applications. PRESENT is one of them, which is built based on 4-bit substitution transformation (S-box) and suitable for low cost hardware implementations. Usually, there needs two 4-bit S-boxes, Sp, ISp, for PRESENT encryption and decryption, in which ISp can be computed from Sp. Therefore, we proposed a unified architecture to supporting the operations of PRESENT encryption and decryption. There also exists a kind of power analysis attacks pose a serious threat on hardware based PRESENT. In order to resist against DPA, we proposed a new masking scheme for PRESENT, in which the nonlinear substitution needs to be carefully masked. In order to reduce the hardware resources for the proposed masking scheme, we reuse the masked Sp to generate masked ISp. The experimental results show that our proposed unified masked PRESENT takes up only one time larger than the unmasked existing design. But, it is obvious that our proposed design has the ability to defend against DPA. © 2012 IEEE.

关键词： computer architecture

来源：评论

学校读者我要写书评

暂无评论

Improvement on masked S-box hardware implementation

Improvement on masked S-box hardware implementation

引用

2012 International Conference on Innovations in Information Technology, IIT 2012

作者： Zeng, Juanli Wang, Yi Xu, Cheng Li, Renfa Embedded System and Network Laboratory Hunan University Changsha Hunan 410082 China Hunan Province Key Laboratory of Network and Information Security Hunan University Changsha Hunan 410082 China College of Information Science and Engineering Hunan University Changsha Hunan 410082 China Department of Electrical and Computer Engineering National University of Singapore Singapore 117576 Singapore

ISBN: (纸本)9781467311014

Masking in gate level could efficiently protect AES S-box out of power analysis attack. But there still exists a kind of attack, called glitch attack, to achieve the sensitive information from gate cell leakage. Some works had been done to resist against glitch attack, which carefully masked AND gate or used Wave Dynamic Differential Logic (WDDL) cell. In this paper, we propose an improved masked AND gate, in which the relationship between input masked values and masks is nonlinear. Usually, when converting S-box operations from GF(2 8) to GF(((22)2)2), all the necessary computations become XOR and AND operations. Therefore, to fully mask AES S-box is to substitute the unmasked XOR and AND operations with the proposed masked AND gate and protected XOR gate. Although the proposed masked AND gate take up one extra XOR gate than Trichina's design and Baek's design, it can resist against glitch attack without using specific gate cell, such as WDDL. © 2012 IEEE.

关键词： Field programmable gate arrays (FPGA)

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：