Please wait a minute...

Current Issue

    25 September 2012, Volume 33 Issue Z1
    Previous Issue    Next Issue
    Papers
    Adaptive double auction mechanism for cloud resource allocation
    Ding DING,Si-wei LUO,Li-hua AI
    2012, 33(Z1):  1-143.  doi:10.3969/j.issn.1000-436x.2012.z1.017
    Asbtract ( 353 )   HTML ( 5)   PDF (811KB) ( 1256 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    By integrating the auction mechanism in economic field into cloud,an adaptive double auction mechanism(ADAM) was proposed to allocate resources in cloud computing.Compared to traditional double auction mechanisms,ADAM traded cloud resource sellers and cloud resource buyers at their expected price and quantity,guaranteed the profits of all participants.Moreover,ADAM applied different auction rules in different cases to satisfy as more participants as possible.As a new mechanism for cloud resource allocation,ADAM was proved to be strategy-proof,weakly budget-balanced and individual rational even under the conditions that the price and quantity of participants were private information.Simulation results also confirm that ADAM outperforms the traditional one on both cloud user satisfaction degree and cloud resource utilization rate and is also economically efficient,especially as more users are involved in the auction market.

    Study on virtual resource allocation optimization in cloud computing environment
    Li XU,Zhi-bin ZENG,Chuan YAO
    2012, 33(Z1):  8-16.  doi:10.3969/j.issn.1000-436x.2012.z1.002
    Asbtract ( 336 )   HTML ( 14)   PDF (1056KB) ( 1167 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Most existing researches of resource allocation in data center did not take into full consideration how to decrease energy consumption.The energy efficiency virtual resource allocation for cloud computing as a multi-objective optimization problem was formulated,which was then solved by intelligent optimization algorithm.The simulation results reveal that the strategy can successfully generate schedule scheme of different numbers of servers-VM with diverse characteristics and decrease the total operating energy of data center effectively.

    Research on a multidimensional personalized recommendation model based on a situation and characteristics of the users
    Chun-hua JU,Fu-guang BAO
    2012, 33(Z1):  17-27.  doi:10.3969/j.issn.1000-436x.2012.z1.003
    Asbtract ( 218 )   HTML ( 1)   PDF (944KB) ( 935 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The accuracy of personalized recommendation was the key factor of Internet application to success.Because of the deficiency of the traditional recommend model,a multidimensional personalized recommendation model based on a special situation and main characteristics of the users was proposed.This model could make full use of regional culture background,field scene,characteristics of the users and so on,avoided the disadvantages of traditional algorithm,put the user's overall characteristics as a single vector,and overcomed the problem of sparse data.The experimental results show that the quality of this recommendation model is better than traditional collaborative recommend model with the more specific items match user interests.

    Cloud computing based smartphone social authentication system
    Yan-bing LIU,Fei-fei LIU
    2012, 33(Z1):  28-34.  doi:10.3969/j.issn.1000-436x.2012.z1.004
    Asbtract ( 191 )   HTML ( 3)   PDF (908KB) ( 634 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Cloud computation provided the capabilities to store and compute infinitely,which can filled the gap of resource constrain.So a cloud-computation based social authentication system for smartphones aimed at the problem that the present authentication methods require a long period of validity of the authentication tokens and make the terminals consume large resources was proposed.The system took three types of social networking features into considered,which were different certification authority between the friends,behavior differences between individual and trust level carried by each interactive event.The results of experiments show that the system can effectively solve the problem that system performance will sharply decline when the expiry date of authentication tokens is short.

    Max-flow based load-balancing channel assignment algorithm for wireless mesh network
    Tao-shen LI,Ya-huan WEI,Zhi-hui GE
    2012, 33(Z1):  35-40.  doi:10.3969/j.issn.1000-436x.2012.z1.005
    Asbtract ( 220 )   HTML ( 6)   PDF (679KB) ( 631 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In view of the interference problem between channels and traffic flow load-balancing in wireless mesh networks,an objective optimization function for balancing network load was defined,and a load-balancing channel assignment algorithm based on maximum flow was proposed.In the algorithm,the links with larger flow load had a priority to allocate more bandwidth.The purpose of doing it was to make the key links could support larger flow load,balance the channels,reduce packet loss rate and delay in the network.Simulation results show that the algorithm can balance the network load and obtain better performance even in the heavier load network.

    Predicate-based authenticated key exchange protocol with attribute-hiding
    Wen-fen LIU,Jiang-hong WEI,Xue-xian HU
    2012, 33(Z1):  41-47.  doi:10.3969/j.issn.1000-436x.2012.z1.006
    Asbtract ( 248 )   HTML ( 4)   PDF (697KB) ( 599 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    To overcome the problem that available predicate-based authenticated key exchange(PBAKE)protocols had drawback on privacy protection,a new PBAKE protocol was presented.The new protocol was constructed via combining an inner product encryption scheme with NAXOS technique.The security of the new protocol could be reduced to GBDH assumption in the modified eCK model.At the same time,for inheriting the security property of attribute-hiding from the inner product encryption scheme,the proposed protocol guarded against disclosure of users’ sensitive information.

    Classification method for mixed detection signal in the distributed sensor network
    Kan LI,Hang XU,Zhong-hua HUANG
    2012, 33(Z1):  53-57.  doi:10.3969/j.issn.1000-436x.2012.z1.008
    Asbtract ( 204 )   HTML ( 0)   PDF (620KB) ( 498 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Taking into account the limitations of the distributed sensor networks,a simple and efficient classification method was found.According to the main idea of na?ve Bayes classification (NBC) algorithm,a new na?ve Bayes classification based on attribute significance (NBCBAS) was proposed.The algorithm inherited the characteristics of NBC algorithm that was simple and fast computation.At the same time,the algorithm made up for the defects of conditional independence assumption.It had high classification accuracy in practice.The characteristics of the NBCBAS met the classification requirements of the mixed detection signal.At last,the NBCBAS was tested on UCI datasets and mixed detection signal datasets.The results illustrate that our algorithm improves the classification performance.

    Provably secure certificate less blind proxy re-signatures
    Tao FENG,Yi-xin LIANG
    2012, 33(Z1):  58-69.  doi:10.3969/j.issn.1000-436x.2012.z1.009
    Asbtract ( 217 )   HTML ( 3)   PDF (734KB) ( 517 )   Knowledge map   
    References | Related Articles | Metrics

    Using bilinear groups,an efficient certificate less blind proxy re-signature scheme was proposed based on the proxy re-signature scheme and blind signature scheme.The scheme solves the using of certificate in certificate-based scheme and removes key escrow in ID-based scheme.While achieving message privacy features of the proxy signature conversion.Based on the difficulty of NGBH and Many-NGBH problem,It proves that the new scheme can resist forgery attack characteristics.The scheme satisfies security properties:correctness and message blindness.

    Protocol of GIOP onto RapidIO——RIO-IOP
    Wen-yu CHEN,Ru ZENG,Wei PI,Wen LI
    2012, 33(Z1):  70-78.  doi:10.3969/j.issn.1000-436x.2012.z1.010
    Asbtract ( 363 )   HTML ( 0)   PDF (896KB) ( 818 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In embedded system application,all hardware elements based on bus mode.TCP/IP can not satisfy their communications,especially the interconnection of chips and boards.Therefore,in embedded environment,RapidIO interconnection framework is employed.There is not the mapping of GIOP onto RapidIO.This paper taked example by IIOP,and proposed the mapping of GIOP onto RapidIO:RIO-IOP.It analyzed RIO-IOP from the network model and the transport component model aspects in an all-round.RIO-IOP also supported the basic service of CORBA.In embedded field and military environment in the hardware,there is obvious advantages and application prospect by RIO-IOP experimentation.

    Research on key technology of vulnerability threat classification
    Qi-xu LIU,Chong-bin ZHANG,Yu-qing ZHANG,Bao-feng ZHANG
    2012, 33(Z1):  79-87.  doi:10.3969/j.issn.1000-436x.2012.z1.011
    Asbtract ( 484 )   HTML ( 8)   PDF (803KB) ( 2352 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to solve the vulnerability assessment problem of vulnerability management,three attribute groups were selected to qualitatively evaluate vulnerability threat.After the selection of vulnerability attributes,analytic hierarchy process method was used to establish vulnerability classification model,which can divide vulnerabilities into four risk levels:critical,high,moderate and low.The method provides a reference for national standard,vulnerability management,vulnerability handling,risk assessment,risk mitigation,etc.

    Wireless virtual network embedding algorithm based on link reliability
    Juan LUO,Chuan-chuan LIU,Ren-fa LI
    2012, 33(Z1):  88-95.  doi:10.3969/j.issn.1000-436x.2012.z1.012
    Asbtract ( 259 )   HTML ( 1)   PDF (808KB) ( 475 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    According to the problem of the poor reliability of wireless network links affectting wireless virtual network embedding,a wireless virtual network embedding algorithm based on link reliability named WVNEA-LR was proposed.This algorithm through the physical network topology pretreatment and the method of allowing multiple virtual nodes in the same virtual request mapping to the same physical nodes,improved the success rate of virtual networks construction and saved the physical link resources.The problem that low success ratio of virtual networks construction results from topology sparse was also improved with Q fact.Besides,node embedding of WVNEA-LR made the preparation for link embedding and this algorithm ensured virtual network embedded with high reliability via choosing high reliable paths during link embedding.Simulation results show the better success rate of virtual networks construction and higher resource utility can be acquired.

    Studying on the node’s influence and propagation path modes in microblogging
    Hong YU,Xian YANG
    2012, 33(Z1):  96-102.  doi:10.3969/j.issn.1000-436x.2012.z1.013
    Asbtract ( 461 )   HTML ( 11)   PDF (865KB) ( 1143 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to analyze microblogging information propagation path modes,the node's influence to reflect its importance was defined based on considering the characteristics of information propagation in microblogging.Firstly,the broadcast/comment data of a microblogging was collected and preprocessed.Then,the formal description of the transmission network was given,and the node’s influence was defined which reflects its significance in the local and global aspects.The results of comparative experiments show that the new definition is reasonable.Besides,some information propagation path modes were proposed,which combine the measurement of influence.Finally,the results by using visualization software-NodeXL show that the information propagation path modes are typical.

    Boardroom electronic voting scheme based on DC-net
    Long-hai LI,Shao-feng FU,Cheng-qiang HUANG
    2012, 33(Z1):  103-109.  doi:10.3969/j.issn.1000-436x.2012.z1.014
    Asbtract ( 223 )   HTML ( 3)   PDF (662KB) ( 659 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A novel electronic voting scheme was proposed which was quite suitable for small scale election setting.An outstanding characteristic of the design was its guarantee of unconditionally perfect ballot secrecy.It satisfied self-tallying,fairness and verifiability.Disruption of the result of an election equals to breaking the discrete logarithm problem.The scheme is built on top of the DC-net (dining cryptographers network) anonymous broadcast protocol.It needs no trusted authority to guarantee its security,but assumes a complete network of private channels between voters.

    Research on multi-tenant data partition mechanism for SaaS application based on shared schema
    Xiao-na LI,Qing-zhong LI,Lan-ju KONG,Cheng PANG
    2012, 33(Z1):  110-120.  doi:10.3969/j.issn.1000-436x.2012.z1.015
    Asbtract ( 346 )   HTML ( 6)   PDF (1109KB) ( 860 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In SaaS model,the multi-tenant data using shared schema partitioned in multiple nodes of the cloud environment was put forward in advance.Based on this,a data partition model and algorithm for multi-tenants to support SaaS application was proposed.Through comparsion with many data partition technology and cloud database solutions mainly for analysis application and lack of transaction support,the theoretical analysis and experimental results reveal that the proposed data partition mechanism can effectively realize the dynamic scalability of the system in cloud environment,at the same time to minimize the cost of the distributed transaction.

    Multi-attribute aware scheduling for inter-datacenter bulk transfers
    Yang-yang LI,Hong-bo WANG,Peng ZHANG,Jian-kang DONG,Shi-duan CHENG
    2012, 33(Z1):  121-131.  doi:10.3969/j.issn.1000-436x.2012.z1.016
    Asbtract ( 278 )   HTML ( 2)   PDF (1028KB) ( 293 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A multi-attribute decision making method to schedule inter-datacenter bulk data was proposed.First,hierarchical analysis was used to analyze the dominant relationship among attributes.Based on the relative weights of attributes which were calculated via information entropy,the evaluation to each intermediate data center was provided.Then the multi-attribute aware scheduling problem was modeled on a time expanded graph and formulated as a minimal cost flow problem.Finally,the scheme with general store-and-forward mechanism and single attribute based approach under several different simulation settings was compared.The results demonstrate that our strategy can take multiple attributes into consideration,and can find the bulk transfer route with the best integrated evaluation.

    Multi-strategy QoS-aware service selection and ranking model
    Lei WU,Yu-long LIU,Shi-jun LIU
    2012, 33(Z1):  141-147.  doi:10.3969/j.issn.1000-436x.2012.z1.018
    Asbtract ( 410 )   HTML ( 0)   PDF (716KB) ( 382 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    As the increment of services with same function and different QoS in the internet,in order to select and rank the services that fulfill users’ functionality requirements and QoS requirements,a multi-strategy QoS-aware service ranking and selection approach is presented.Considering service performance,and service operation,maintenance costs,an extended Web service QoS model was developed.To determine how well a service satisfies users’and operators’ concerned QoS requirements,a set of functions is presented to normalize services’QoS on various QoS aspects with different metrics and scales,also to compute services satisfaction scores ,and to combine the users’satisfaction scores and the operators’scores together as an overall satisfaction scores based on certain strategy.A prototype system was built for service selection and ranking,and the model above was verified through an application case.

    Research on selective trust-path search and aggregation in distributed environment
    Yan-lin QIN,Xiao-ping WU,Jian-xin GAO
    2012, 33(Z1):  148-156.  doi:10.3969/j.issn.1000-436x.2012.z1.019
    Asbtract ( 262 )   HTML ( 0)   PDF (745KB) ( 491 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Current trust models based on reputation had some disadvantages in characterizing recommendation credibility and dealing with Trust-Path Search and aggregation.To solve these problems,an updating algorithm for recommendation credibility was proposed considering factors of time decay,recommendation inosculation and success transaction rate.Furthermore,a selective search-algorithm for trust-path in distributed environment was presented.The algorithm uses recommendation credibility,evaluation similarity and trust-path length as its control parameters and can evade malicious nodes directly in the process of searching.It can also stop the search for unnecessary trust-paths and execute the search for paths containing valuable recommendation.Lastly,trust aggregation method was given by using an advanced combining algorithm in D-S theory of evidence.Simulation results show that compared with existing trust models,the proposed model is more robust on defending attacks of various malicious nodes.

    Memory contents patch based virtual machine synchronization
    Jian-wei LIAO,Shan-xiong CHEN,Li LI
    2012, 33(Z1):  157-164.  doi:10.3969/j.issn.1000-436x.2012.z1.020
    Asbtract ( 242 )   HTML ( 1)   PDF (856KB) ( 290 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A quantitative analysis has been conducted on memory contents difference for various high availability benchmarks.Based on this study memory contents patch based backup virtual machine(VM)synchronization technique was proposed,which finds the best match memory section for each dirty memory section;then compresses the difference contents in these two sections using hash based XOR compression technique in the primary VM; finally,it sends the packed data to the backup VM.For the backup VM part,it first decodes the received data and re-constructs the dirty pages,and then applies these pages to complete the VM synchronization.The experimental results show that compared with regular asynchronous replication,the proposed mechanism can reduce the synchronization data and network traffic by up to 80%,and then benefit to the synchronization to a great extent.

    Parallel complex event processing system based on S4 framework
    Hao CHEN,Yu LI,Song-lin HU,Ying LIANG
    2012, 33(Z1):  165-169.  doi:10.3969/j.issn.1000-436x.2012.z1.021
    Asbtract ( 276 )   HTML ( 0)   PDF (683KB) ( 440 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    There was a throughput bottleneck for complex event processing in only one computer,and the existing general-purpose parallel framework was not suitable for complex event processing system.Based on the analysis of existing parallel technology,fourteen kinds of complex event processing operator and a parallel framework by operator for complex event processing system were proposed,the event stream load triage based on operator was given.S4 system for parallel complex event processing system was utilized,provided greater reliability and throughput than stand-alone operation.Through the cluster experiments show that,within a certain range,the throughput of the system can be increased with the number of cluster nodes linear growth.

    VNE-AFS:virtual network embedding based on artificial fish swarm
    Qiang ZHU,Hui-qiang WANG,Hong-wu LV,Zhen-dong WANG
    2012, 33(Z1):  170-177.  doi:10.3969/j.issn.1000-436x.2012.z1.022
    Asbtract ( 250 )   HTML ( 1)   PDF (776KB) ( 434 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Recently virtual network embedding problem had been proposed as a research challenge in the cloud computing environment.In order to reduce the costs,a virtual network embedding algorithms based on artificial fish swarm(VNE-AFS)was proposed.A binary combinatorial optimization model was built according to the constraints on nodes and links between virtual network and substrate network,and the artificial fish swarm algorithm was used to achieve the approximate optimal mapping.The simulation results indicate that the costs of substrate network and computation time are reduced and the success rate,average revenue of embedding and average usage of links are increased compared with the existing virtual network embedding algorithms.

    Mobile detection of replication attacks in wireless sensor network
    Xiang-yi CHEN,Liang-min WANG,Yong-zhao ZHAN
    2012, 33(Z1):  178-185.  doi:10.3969/j.issn.1000-436x.2012.z1.023
    Asbtract ( 220 )   HTML ( 0)   PDF (376KB) ( 251 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The detection schemes proposed so far are not satisfactory because they are energy and memory demanding,not suit for use in resource-constrained wireless sensor networks.the detection of replica attack was focused on in WSN.from the intuition that mobility,in conjunction with the one-hop sensor node’s communication,helps detect the replica attack globally.Then,propose a mobile detection method to detect the replica attack.Analysis and simulations result show that the our method helps to detect replica attacks effectively and efficiently,with a small and well-balanced overhead in the network.

    Warehouse mobile access network security associate pre-anticipated notification scheme based on AAA authentication
    Yong-hui ZHANG,Zhang-xi LIN,Jian-hua LIU,Quan LIANG
    2012, 33(Z1):  186-191.  doi:10.3969/j.issn.1000-436x.2012.z1.024
    Asbtract ( 199 )   HTML ( 0)   PDF (1064KB) ( 399 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A security pre-anticipated notification scheme was proposed for network mobility,based on AAA authentication.Pre-judged handover by wireless sensor network locating,security association information context was triggered to forward to data processing center in corresponding node router,in order to achieve trust authentication in advance.The scheme models on Pi calculus proved its compatibility with NEMO basic protocol.Analysis results display that costs become the half and simulations results show delay and resource occupied reduces significantly.

    Research on resource monitoring and billing mechanisms of application engine in cloud computing environment
    Yi REN,Jing ZHANG,Hong CHEN,Qing-bo WU,Jin-zhu KONG,Hua-dong DAI,Gang GUAN
    2012, 33(Z1):  192-200.  doi:10.3969/j.issn.1000-436x.2012.z1.025
    Asbtract ( 230 )   HTML ( 4)   PDF (509KB) ( 702 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A comprehensive study on the billing methods of existing cloud computing platforms was made.Then,AppScale,an open sourced scalable and typical PaaS software,as the foundation platform of our target resource monitoring and billing mechanisms was chose.Appscale’s structure,its components and how they worked together was analyzed.CloudMB,which enhanced AppScale by supporting process level resource monitoring and multi-user oriented billing function with flexible billing policies was designed and implemented.Finally,experiment verified that CloudMB is effective and its occupation of CPU time is lower than 3%.

    Topology modeling and analysis of emergency communications network
    Wei WANG,Wen-hong ZHAO
    2012, 33(Z1):  201-209.  doi:10.3969/j.issn.1000-436x.2012.z1.026
    Asbtract ( 233 )   HTML ( 4)   PDF (769KB) ( 794 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The construction method,throughput and related properties about the topology model of emergency communication networks were discussed.Firstly,the topology modeling method was presented by three steps,such as the constructions of backbone network,access network and station network.Then,the capacity of network model was analyzed in conditions of arbitrary networks and random networks.At last,some topology properties were discussed,including the shortest path,node degree,rich club,betweenness centrality,current flow centrality,eccentricity and closeness vitality.The experiment results show that the proposed modeling method is steady and applicable to the emergency communication.

    Evolution entropy risk assessment of ERP information security based on the business process
    Biao SONG,Jian-ming ZHU
    2012, 33(Z1):  210-215.  doi:10.3969/j.issn.1000-436x.2012.z1.027
    Asbtract ( 262 )   HTML ( 1)   PDF (646KB) ( 475 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    ERP internal security holes often bind with business process closely,make the value of information assets has dynamic properties and difficult to determined,so such security will not be prompt capture and evaluation.Compored the difference of ERP system and other information system in the information security,the risk assessment model which adapt to the characteristics of ERP system was proposed,and gave a new idea for the ERP system information safety risk assessment.

    Network technology research under cloud computing environment
    Lei XU,Yun-yong ZHANG,Jun WU,Bing-yi FANG
    2012, 33(Z1):  216-221.  doi:10.3969/j.issn.1000-436x.2012.z1.028
    Asbtract ( 434 )   HTML ( 24)   PDF (655KB) ( 1020 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The framework of cloud computing network around data center was proposed.Through the analysis of new demands of the network in the cloud computing environment,new technologies were discussed in detail for the virtual machine local network,data center local network,across data center network,user access network and SDN.Development proposal was provided in order to prepare for the implementation of cloud computing network technology.

    Representation model of structured document for multilevel security
    Mang SU,Feng-hua LI,Guo-zhen SHI,Li LI
    2012, 33(Z1):  222-227.  doi:10.3969/j.issn.1000-436x.2012.z1.029
    Asbtract ( 222 )   HTML ( 0)   PDF (714KB) ( 418 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to solve the problem caused by the variety and openness of the network,the research for the models of structured document and access control were taken.A new structured document representation model and method for the security requirements of the multi-element access control and multi-level security was proposed,and corresponding structure of security attribute and example of extensible markup language (XML) was given.Finally,analyzed the security performance.

    Algorithm of NAF scalar multiplication on ECC against SPA
    Min WANG,Zhen WU
    2012, 33(Z1):  228-232.  doi:10.3969/j.issn.1000-436x.2012.z1.030
    Asbtract ( 397 )   HTML ( 6)   PDF (765KB) ( 1192 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Against the problem that non-adjacent form(NAF)scalar multiplication on Elliptic curve cryptography(ECC) were not well resist the simple power attack(SPA),the implementation of NAF scalar multiplication and the mechanism of SPA attack were analyzed.Then a new algorithm,named equal power NAF scalar multiplication was presented.It was verified that equal power NAF scalar multiplication was efficient countermeasure against SPA attack by experimental analysis on power traces of the smartcard collected from the power analysis platform.

    Research of WLAN authentication in roaming environment with the trend of network integration
    Zhang-zhe LIU,Hua-ying SHU
    2012, 33(Z1):  233-238.  doi:10.3969/j.issn.1000-436x.2012.z1.031
    Asbtract ( 257 )   HTML ( 0)   PDF (737KB) ( 434 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In the tendency of network convergence,the method of WLAN network client authentication based on telecommunications network will be the main way of WLAN authentication in the future.In order to make WLAN authentication efficiency and security under roaming condition,WLAN authentication requirements were analyzed,the authentication mode,the process and the existing problems were discussed.An application model and design scheme of WLAN network client authentication based on EAP SIM/AKA protocol with the trend of network integration were proposed and verified.Experimental results show that this application model can complete the EAP SIM/AKA protocol identification of a WLAN client in roaming process,reduce the investment of networks,keep the safety grades of the nodes in the visited WLAN with the initial safety grades,and realize the real-time charging.

    Specification and enforcement of personalized privacy policy for social network
    Yuan WANG,Yu-qing SUN,Le-le MA
    2012, 33(Z1):  239-249.  doi:10.3969/j.issn.1000-436x.2012.z1.032
    Asbtract ( 275 )   HTML ( 1)   PDF (929KB) ( 489 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    An authorization model was proposed to support personalized privacy preferences in the first-logic privacy preference language.The language allowed users to express personalized privacy preferences.Visitor-role authorization rules based on the attributes of visitors and role-permission assignment rules based on the tags of objects were introduced,which resolve dynamic authorization and fine-grained rights assignment problems.Analyzed privacy policy conflict cases and realized policy consistency verification by Prolog logic programming.Designed a personalized privacy policy management and implementation middleware for social network.In the middleware,it integrated the management of personalized policy into access control system on the existing resources.The experiments show that the policy conflict analysis has good efficiency in the implementation.

    Improvement and formal proof on protocol Otway-Rees
    Lai-feng LU,Xin-dong DUAN,Jian-feng MA
    2012, 33(Z1):  250-254.  doi:10.3969/j.issn.1000-436x.2012.z1.033
    Asbtract ( 459 )   HTML ( 20)   PDF (655KB) ( 826 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Choosing the authentication key distribution protocol Otway-Rees as the research object,using protocol composition logic (PCL) as proof tool,the security protocol analysis and formal proof was studied.Firstly,this paper gave the forms of security attack,analyzed the Otway-Rees defects and put forward the amended protocol (named as AOR protocol).Then,PCL was extended.And then PCL was used to describe and prove the behavior of each entity and the safety of the protocol attribute formally.Finally,the conclusion was given that the amended AOR protocol has the security attribute of key confidentiality.

    Effect evaluation of one-hop transmission distance vs performance in wireless sensor network
    Zhi-jie LIU,Jun TAO,Wen-qiang CHEN
    2012, 33(Z1):  255-261.  doi:10.3969/j.issn.1000-436x.2012.z1.034
    Asbtract ( 282 )   HTML ( 1)   PDF (839KB) ( 579 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The research was on the influence of transmission distance respectively on energy consumption and transmission rate in wireless sensor network.The views of traditional work on this impact was not so precise,which was essential to the performance of WSN.The sensor node used,experimental environment and design have been introduced;Then the packet loss ratio for different transmission distance have been examined experimentally,and their functional relation by fitting the experimental data have been acquired; finally,considering packet retransmission based on that conclusion at the same time,focused on the variance of energy cost and transmission rate with distance.The main contribution is to acquire the quantitative effect evaluation of one-hop transmission distance and performance in WSN.

    Detecting P2P botnet based on the role of flows
    Yuan-zhang SONG,Jun-ting HE,Bo ZHANG,Jun-jie WANG,An-bang WANG
    2012, 33(Z1):  262-269.  doi:10.3969/j.issn.1000-436x.2012.z1.035
    Asbtract ( 193 )   HTML ( 0)   PDF (755KB) ( 227 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Towards the weaknesses of the existing detection methods of P2P botnet,a novel real-time detection model based on the role of flows was proposed,which was named as RF.According to the characteristics of flows,the model made the flows play the different roles in the detection of the P2P botnet to detect the essential abnormality and the attacking abnormality.And the model considered the influence on the detection of the P2P botnet which the Web applications generated,especially the applications based on the P2P protocols.To minimize the false positive rate and false negative rate,a real-time method based on the sliding window to estimate the Hurst parameter was proposed,and the Kaufman algorithm was applied to adjust the threshold dynamically.The experiments showed that the model was able to detect the new P2P botnet with a relatively high precision.

    New adaptively secure key-policy attribute-based encryption scheme
    Song LUO,Zhong CHEN
    2012, 33(Z1):  270-275.  doi:10.3969/j.issn.1000-436x.2012.z1.036
    Asbtract ( 173 )   HTML ( 2)   PDF (615KB) ( 480 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A new key-policy attribute-based encryption scheme based on 3 dimension dual orthonormal bases was proposed.This scheme was constructed in prime order groups with adaptive security and supporting access structures.It has been proved the security from decisional linear assumption by using dual system encryption technique.Compared with previous key-policy ABE scheme which is also adaptively secure,the scheme is more efficient at the same security level.

    Power model in power analysis attack
    Peng LUO,Deng-guo FENG,Yong-bin ZHOU
    2012, 33(Z1):  276-281.  doi:10.3969/j.issn.1000-436x.2012.z1.037
    Asbtract ( 330 )   HTML ( 6)   PDF (745KB) ( 1749 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A mapping relation model should be established between data value and power value which is collected from device under attack when the power analysis attack accuse.The sensitive information can be fund through the power trace analysis using this type of relation.Hamming distance model and hamming weight model were described based on device’s physical characteristics.Furthermore,the correctness of hamming weight model was proved not only by Formula Derivation,but also by experiment under power consumption collection platform based on MCU.The experimental results show that hamming weight model is a valid and practicable model in power analysis attack.

    Analysis of DRM game control
    Guo-jun MA,Qing-qi PEI,Xiao-hong JIANG
    2012, 33(Z1):  282-286.  doi:10.3969/j.issn.1000-436x.2012.z1.038
    Asbtract ( 186 )   HTML ( 3)   PDF (277KB) ( 448 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    To overcome the limitations of individual rationality,a game control model was proposed.The controller of game is global rational.To achieve global optimization,the controller chooses strategies according to the control goal,and the controlled chooses the strategies according to the principle of individual rationality.Based on the model and the analysis of relationships and actions of DRM value chain,a model of DRM game control is presented.Content provider actions as the controller of the game,and the global optimization strategies which the content provider choose are discussed,which provides the guidance theory of rational DRM applications.

Copyright Information
Authorized by: China Association for Science and Technology
Sponsored by: China Institute of Communications
Editor-in-Chief: Zhang Ping
Associate Editor-in-Chief:
Zhang Yanchuan, Ma Jianfeng, Yang Zhen, Shen Lianfeng, Tao Xiaofeng, Liu Hualu
Editorial Director: Wu Nada, Zhao Li
Address: F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China
Post: 100079
Tel: 010-53933889、53878169、
53859522、010-53878236
Email: xuebao@ptpress.com.cn
Email: txxb@bjxintong.com.cn
ISSN 1000-436X
CN 11-2102/TN
Links
More...
Visited
Total visitors:
Visitors of today:
Now online:
Copyright of website © 2021 Journal on Communications
Address: F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China   Post: 100079
Tel: 010-53933889、53878169、53859522、53878236   Email: xuebao@ptpress.com.cn; txxb@bjxintong.com.cn