Please wait a minute...

Current Issue

    25 November 2014, Volume 35 Issue 11
    Previous Issue    Next Issue
    Survey on security and privacy preserving for mobile internet service
    2014, 35(11):  1-8. 
    Asbtract ( 933 )   Knowledge map   
    Related Articles | Metrics
    With the development of the broadband wireless access technology and mobile terminal technology, mobile internet arises at the historic moment and has been rapid development, by which users can easily obtain information and services from the internet anywhere at any time. However, owing to the openness of cloud computing platform, the mobile communication network and mobile terminals, information transmission and control mechanisms in traditional internet are no longer fit in with that in mobile internet, it is a key point for mobile internet to ensure information security and user privacy protection. Combined with the latest trend of the development of the mobile internet at home and abroad, a number of contributions to mobile internet service and privacy protection are made. First, an overview of mobile internet service models and mobile internet services architectures is given. Second, the current data transmission control mechanisms and privacy protection mechanisms in mobile internet are ravened and discussed. Finally, the potential research issues for the future research works are shown.
    privacy protection
    Anonymization algorithm based on time density for data stream
    Jing XIE,Jian-pei ZHANG,Jing YANG,Bing ZHANG
    2014, 35(11):  1-201.  doi:10.11959/j.issn.1000-436x.2014.11.022
    Asbtract ( 184 )   HTML ( 1)   PDF (1024KB) ( 200 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Aim to address the problem of anonymization on data streams,an anonymization algorithm based on time density for data stream was proposed.Time weight and time density were designed for describing the data stream’s temporal,when the published clusters reach the threshold,it will delete the minimum time density cluster to ensure the availability of published clusters.Furthermore,in order to maintain the higher efficiency,the algorithm scans the data only once to satisfy the anonymization requirements for speeding up.The experimental results on the real dataset show that the algorithm is efficient and effective meanwhile the quality of the output data.

    Identifying method for opinion leaders in social network based on competency model
    2014, 35(11):  2-16. 
    Asbtract ( 596 )   Knowledge map   
    Related Articles | Metrics
    A competency model of opinion leaders in social networks is presented, which includes three capacity factors, some explicit and implicit behavioral indicators. These characteristics of information production, information dissemination and information influence which opinion leaders should have. Based on the proposed competency model, social network users into four categories which divided: the general public, the activists, the topic opinion leaders and network opinion leaders. Then a hierarchical filtering process is designed and a system framework of filtering experimental for identifying opinion leaders is introduced. It takes the data extracted from the Sina microblog as input, then integrates some social network analysis tools such as MALLET, and develops the programs for specific functions with Python. Eventually, the opinion leaders of microblog can be identified. The experiment results prove the effectiveness of present competency model for opinion leaders and the feasibility of hierarchical filtering process.
    Composable information flow verification for service chain based on model checking
    2014, 35(11):  3-22. 
    Asbtract ( 524 )   Knowledge map   
    Related Articles | Metrics
    A composable information verification approach is proposed for the secure service chain composition. Based on the secure service component, the security constraints for the component’s composibility is specified and the information flow verification algorithms is proposed. Through the experiments and simulation, it shows that the approach can decrease the verification cost effectively and improve the efficiency of the verification.
    Research on cloud-based traffic adaptive command and control method for mobile botnet
    2014, 35(11):  4-30. 
    Asbtract ( 505 )   Knowledge map   
    Related Articles | Metrics
    Botnet is a serious attack evolved from traditional malwares. With the rapid development of computing capability and mobile Internet access technology, building a realistic mobile botnet has become a potential threat. An adaptive traffic control mechanism for cloud-based mobile botnet was proposed. It adopts different traffic consumption strategies according to different 3G or Wi-Fi network environments. Then scheduling algorithms to execute botnet commands was applied. The experimental results show the traffic adaptive algorithm can improve the stealthy and efficiency of mobile botnet while ensure that the botnet commands can be executed effectively.
    Trust-aware dynamic level scheduling algorithm in cloud environment
    2014, 35(11):  5-41. 
    Asbtract ( 433 )   Knowledge map   
    Related Articles | Metrics
    Based on interpersonal trust model in sociology, a trust evaluation model is proposed based on users’ past experience with service provider, friends’ recommendations and third party’s feedback. By combining users’ trust requirement for service resource together with trust degree of service resource and dynamic level scheduling(DLS) algorithm, a novel scheduling algorithm was proposed that was called trust-aware dynamic level scheduling algorithm in cloud environment(CTDLS).The algorithm takes the cloud service resources’ trust degree into account when calculates the scheduling-level of task-resource pairs. The simulation experimental results show that such algorithms can effectively satisfy the tasks’ trust requirement and improve the success rate of parallel tasks scheduling in practice.
    Game theory based trust management method for mobile ad hoc networks
    2014, 35(11):  6-49. 
    Asbtract ( 614 )   Knowledge map   
    Related Articles | Metrics
    A game model is proposed for the indirect trust information obtaining process. A suitable punishment mechanism and design the utility function for nodes in a MANET is given. Moreover, with evolutionary game theory, the trust evolution of nodes using replicator dynamic equation is analyzed and several theorems toillustrate preconditions under which each evolutionarily stable strategy can be achieved are proposed. Experiments verified the correctness and effectiveness of proposed method and simulated the dynamic evolutionary trend of the nodes under different parameters which experimentally proves the proposed theorems.
    Joint power control for untrusted relay cooperation-based confidential communication
    2014, 35(11):  7-58. 
    Asbtract ( 607 )   Knowledge map   
    Related Articles | Metrics
    The scenario that multiple cell-edge mobile stations (MS) all without direct-links to the base station (BS) but have confidential messages in the uplink in the presence of untrusted relay (UR) cooperation was considered. In order to implement the secure communication between BS and multiple MS, destination-based jamming (DBJ) scheme was adopted. With the assumption that all MS had fixed transmit power, the joint UR and BS power control which aims at maximizing system sum secrecy rate was discussed. For this problem, analysis indicated that it was equivalent to joint access control and power allocation problem thus its NP-hard. Through problem relaxation, a suboptimal MS access control and alternatively power allocation algorithm was provided. This algorithm is proved to have polynomial complexity and can converge to at least a suboptimal solution for original problem. Simulation results show that compared with the benchmark algorithms, the proposed suboptimal algorithm is better in the achievable secrecy rate performance.
    Secure and high throughput routing protocol with QoS constraints in cognitive wireless Mesh networks
    2014, 35(11):  8-66. 
    Asbtract ( 506 )   Knowledge map   
    Related Articles | Metrics
    A routing metric SIEB which includes link security, link conflict, link reliability and link available bandwidth was proposed. The SIEB includes link security and link performance two aspects. In order to resist various hole attack, the link trust value based on two hop neighbor feedback is computed in link security weight computing of SIEB. On this basis, a link security weight computing algorithm LSWC and a link performance weight computing algorithm LSPC were proposed, and a distributed routing protocol SIEBP with QoS constraints in cognitive wireless Mesh network was proposed. Finding safety routing path and maximizing the network throughput are the objective of SIEBP. Simulation results show that SIEBP routing protocol can achieve expectation goal. It can not only find safety routing path which can resist black hole attack, gray hole attack and worm hole attack, but also obtain a higher network throughput.
    Artificial noise aided secure beamforming for multi-antenna relay systems
    2014, 35(11):  9-80. 
    Asbtract ( 630 )   Knowledge map   
    Related Articles | Metrics
    In the amplify-and-forward (AF) relay systems, the confidential information forwarded by the relay can be intercepted by the eavesdroppers. For guaranteeing the secure communications, an artificial noise aided secure beamforming method is proposed. The goal is to maximize the secrecy rate of the system by jointly designing the beamforming matrix and the artificial noise (AN) covariance matrix at the relay subject to the total power and the per-antenna power constraints. This non-convex secrecy rate maximization (SRM) problem can be recast as a two-level optimization problem. The outer part can be solved by performing a one-dimensional search, and the inner part can be handled by the semidefinite relaxation (SDR) technique and interior-point methods. It is shown that there always exists a rank-one optimal solution for the SDR problem, i.e., the relaxation is tight to the original problem. Simulation results demonstrate that the proposed method can improve the security performance of the system significantly.
    Coordinated beamforming for cognitive multi-cell networks with wiretap channels
    2014, 35(11):  10-88. 
    Asbtract ( 448 )   Knowledge map   
    Related Articles | Metrics
    Owing to the coupling among the vectors to be optimized, the problem becomes non-convex and non-linear. Accordingly, a centralized coordinated beamforming design method was proposed by constraining the leakage interference and using the semi-definite relaxation, and on the base of it, a decentralized algorithm was also proposed by decomposing the centralized design problem into a group of sub-problems on each cell’s base by using dual decomposition. Simulation results show that the proposed schemes make effective reduction in power consumption while guarantee the legal users’ secrecy rate requirement and the cognitive interference constraint. Moreover, the proposed decentralized method not only reduces the computational complexity, but also has the same performance as the centralized algorithm.
    Network isolation communication scheme to resist against covert channel
    2014, 35(11):  11-97. 
    Asbtract ( 487 )   Knowledge map   
    Related Articles | Metrics
    With the rapid development of network technologies, real-time information exchanging between heterogeneous networks becomes more frequently. To effectively guarantee the secure and real-time information exchanging crossing different networks, a network isolation communication scheme (NICS) is proposed to resist against covert channel. A newly theoretical model of NICS is designed and proved based on the information theory, and followed with a specific solution. Security analysis indicates that the NICS is able to effectively solve problems of the potential packet lengths’ covert channel (PLCC) and the status covert channel (SCC) in most of the existing work; and, given similar amount of information for exchanging, the NICS can achieve equivalent security degree with the physical isolation in terms of resisting against the covert channel.
    GUC-secure protocol for private relational join operator computing
    2014, 35(11):  12-106. 
    Asbtract ( 536 )   Knowledge map   
    Related Articles | Metrics
    It is one of important applications of secure multiparty computation that privacy-preserving SQL computation in distributed relational database. There are only few works dealing with provably-secure privacy-preserving data manipulations in contrast with comparatively abundant works on privacy-preserving data-query in database, among which the join operator is the most powerful in generating new data (relation). By making use of anonymous IBE (identity-based encryption) scheme and its user private-keys blind generation techniques, a very general cryptographic protocol framework is proposed for secure 2-party join computation. This construction is provably GUC (generalized universally composable) secure in the standard model with acceptable efficiency.
    network security
    Identifying method for opinion leaders in social network based on competency model
    Bo CHEN,Xiang-yan TANG,Ling YU,Ya-shang LIU
    2014, 35(11):  12-22.  doi:10.11959/j.issn.1000-436x.2014.11.002
    Asbtract ( 335 )   HTML ( 9)   PDF (2638KB) ( 1727 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A competency model of opinion leaders in social networks is presented,which includes three capacity factors,some explicit and implicit behavioral indicators.These characteristics of information production,information dissemination and information influence which opinion leaders should have.Based on the proposed competency model,social network users into four categories which divided:the general public,the activists,the topic opinion leaders and network opinion leaders.Then a hierarchical filtering process is designed and a system framework of filtering experimental for identifying opinion leaders is introduced.It takes the data extracted from the Sina microblog as input,then integrates some social network analysis tools such as MALLET,and develops the programs for specific functions with Python.Eventually,the opinion leaders of microblog can be identified.The experiment results prove the effectiveness of present competency model for opinion leaders and the feasibility of hierarchical filtering process.

    SAT-based lazy formal analysis method for security protocols
    2014, 35(11):  13-116. 
    Asbtract ( 402 )   Knowledge map   
    Related Articles | Metrics
    A SAT-based security protocol formalization analysis method named SAT-LMC is proposed. The method introduces optimized the initial state and transformational rules with “lazy” idea. The efficiency of detection is significantly improved. Moreover, by adding support for strong type flaw attack defect, the attack detection becomes more comprehensive. A security protocol analysis tool is implemented based on the method; a type flaw attack is detected for protocol Otway-Rees. For OAuth2.0 protocol, analysis shows that there is a kind of man-in-the-middle attack of the authorization code in some application scenarios.
    Provably secure and efficient certificateless sequential multi-signature scheme in random oracle model
    2014, 35(11):  14-126. 
    Asbtract ( 429 )   Knowledge map   
    Related Articles | Metrics
    Certificate less sequential multi-signature scheme could resolve the problem of authentication of recommendation information transmitted through trust train. Qin yan-lin, et al proposed an efficient certificateless sequential multi-signature scheme, and proved the security is based on the fact that computational Diffie-Hellman problem is hard in the random oracle. It is found that Qin's scheme is insecure against the forgery attack after analysing the security proof. If an adversary has obtained the signers’ multi-signature, it can forgery the multi-signature for any other message. Then, a more efficient certificateless sequential multi-signature scheme is construced which has lower computation cost and communication cost for using less bilinear pairings and only generating one signature message. Finally, the security proof shows that the proposed scheme can resist the forgery attack under the model of random oracle.
    Edwards curves based security authentication protocol for mobile RFID systems
    2014, 35(11):  15-137. 
    Asbtract ( 441 )   Knowledge map   
    Related Articles | Metrics
    Existing work about RFID authentication protocols is usually difficult to adapt to mobile RFID systems. In order to solve the problem, an Edwards curves based security authentication protocol for mobile RFID systems is proposed. The protocol can improve the ability of resisting the side channel attacks by using the Edwards curve and the elliptic curve discrete logarithm problem is applied to implement safety certification. Further the tag and reader’s untraceable privacy is proved by using the provable security method, the security analysis shows that the protocol can be more effective against for various attacks which have existed. Compared with the existing structure similar to RFID authentication protocol, the protocol has better scalability and its security and performance is superior to other solutions.
    New secure distributed secret sharing scheme of n product
    2014, 35(11):  16-144. 
    Asbtract ( 403 )   Knowledge map   
    Related Articles | Metrics
    Since Shamir’s secret sharing scheme does not have the property of the multiplicative homomorphism, an encoding method is utilized for privacy-preserving data to overcome the drawbacks in secure distributed multiplication calculation when using traditional Shamir’s polynomial to share the product of n secrets. Using this encoding method with multiplicative homomorphism and a commitment scheme supporting additive homomorphism, a new secure distributed secret sharing scheme of n product in one session is implemented and the proposed scheme is secure under the presence of malicious participants. The analysis shows that proposed scheme is not only more simple and feasible but also more efficient than previous schemes.
    New remote authorization protocol for vehicle diagnosis
    2014, 35(11):  17-154. 
    Asbtract ( 580 )   Knowledge map   
    Related Articles | Metrics
    The authorization of diagnosis principals is a critical problem in the remote fault diagnosis of vehicles. Considering the defects of the previous authorization protocol for the remote diagnosis, i.e. PVAUDS, a novel authorization protocol is proposed, named PVAUDS+. In addition to the enforcement on the security properties of PVAUDS, the bidirectional authentication and the freshness of authorization tickets for the diagnosis principals are provided. The resistance of Denial-of-Service (DoS) attack for the trusted third party is also provided. The proposed security targets are achieved through the cost increasing of requests for the resistance of DoS attack, the automatic proof of security properties with the ProVerif tool. The results of quantitative analysis show proposed protocol is practical for use.
    Design of secure privacy-preserving data aggregation scheme for wireless sensor network
    2014, 35(11):  18-164. 
    Asbtract ( 619 )   Knowledge map   
    Related Articles | Metrics
    A secure privacy-preserving data aggregation (SPPDA) scheme was proposed to preserve data privacy and integrity during data aggregation in wireless sensor network. Firstly, a complex number is composed from the private factor of the nodes and the original data; then the complex number is encrypted with homomorphic encryption method,which can realize the data aggregation in the case of not decrypt ciphertext. Also,the reliability of date is ensued by using integrity verification method based on complex.Theoretical analysis and simulation results show that computational cost and communication overhead of the SPPDA are less, and accuracy of data aggregation results is high.
    Location privacy-preserving method of k-anonymous based on service similarity
    2014, 35(11):  19-170. 
    Asbtract ( 579 )   Knowledge map   
    Related Articles | Metrics
    Location k-anonymity is the one of the most popular location privacy-preserving technologies for location-based services, which has proved to be quivering in the balance with privacy protection levels, service quality and communication overhead. In order to address these challenges, a novel location cloaking technique is introduced without modifying the existing LBS system architecture. The location service similarity is introduced to assist anonymity server in looking for anonymous area, which not only balancing an individual’s need for high-quality information services against that individual’s need for location privacy, but also reducing the computation and communication overhead. Experimental results validate effectiveness of the proposed method.
    Image watermarking algorithm against attacks based on SIFT feature point and cross-ratio value
    2014, 35(11):  20-180. 
    Asbtract ( 416 )   Knowledge map   
    Related Articles | Metrics
    In order to improve the robustness of the digital watermarking image against common image processing and complex geometric attacks, a novel robust watermarking scheme of digital image was proposed by using the stable SIFT(scale invariant feature transform) feature points and the cross-ratio values with the characteristic of invariability. Firstly, the original digital image was decomposed with NSCT (non-subsampled contourlet transform), thus the SIFT feature points were extracted in the NSCT low-frequency coefficients. By optimizing and screening these SIFT feature points, some stable SIFT feature points were gotten and some quadrilateral regions which met the needs of “near-convexity square”were searched out in these stable feature points. These quadrilateral regions would be used as local watermarking regions. Secondly, some cross-ratio values designed in advance were used to determine the low-frequency coefficients to be embedded watermarking information. Lastly, the watermarking information was embedded in these low-frequency coefficients by using odd-even quantization index modulation method. Compared with the traditional algorithms, the image embedded watermarking information and attacked by geometric distortion does not conduct inverse geometric transform when the watermarking information was extracted. Experimental results show that the proposed scheme has a good ability of robustness against common image processing and various geometric attacks.
    KAP: location privacy-preserving approach in location services
    2014, 35(11):  21-191. 
    Asbtract ( 579 )   Knowledge map   
    Related Articles | Metrics
    Preserving location privacy is an essential requirement in mobile internet. A location privacy protection approach named KAP was proposed which aimed at the privacy issue of location service under the mobile Internet. Through the analysis on locating technology, a weighted adjacent graph-based topology model was given in order to describe the positional relationship between hot spots. Meanwhile, with the help of the model, combining the concept of k-anonymity, three privacy algorithms was shown to make sure the location can not be obtained precisely by attacker. The simulation results verified the correctness and performance of the approach.
    Anonymization algorithm based on time density for data stream
    2014, 35(11):  22-199. 
    Asbtract ( 498 )   Knowledge map   
    Related Articles | Metrics
    Aim to address the problem of anonymization on data streams, an anonymization algorithm based on time density for data stream was proposed. Time weight and time density were designed for describing the data stream’s temporal, when the published clusters reach the threshold, it will delete the minimum time density cluster to ensure the availability of published clusters. Furthermore, in order to maintain the higher efficiency, the algorithm scans the data only once to satisfy the anonymization requirements for speeding up. The experimental results on the real dataset show that the algorithm is efficient and effective meanwhile the quality of the output data.
    network security
    Composable information flow verification for service chain based on model checking
    Ning XI,Jian-feng MA,Cong SUN,Di LU,Tao ZHANG
    2014, 35(11):  23-31.  doi:10.11959/j.issn.1000-436x.2014.11.003
    Asbtract ( 247 )   HTML ( 4)   PDF (2039KB) ( 374 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A composable information verification approach is proposed for the secure service chain composition.Based on the secure service component,the security constraints for the component’s composibility is specified and the information flow verification algorithms is proposed.Through the experiments and simulation,it shows that the approach can decrease the verification cost effectively and improve the efficiency of the verification.

    Research on cloud-based traffic adaptive command and control method for mobile botnet
    Wei CHEN,Shi-wen ZHOU,Cheng-yu YIN
    2014, 35(11):  32-38.  doi:10.11959/j.issn.1000-436x.2014.11.004
    Asbtract ( 249 )   HTML ( 0)   PDF (780KB) ( 143 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Botnet is a serious attack evolved from traditional malwares.With the rapid development of computing capability and mobile Internet access technology,building a realistic mobile botnet has become a potential threat.An adaptive traffic control mechanism for cloud-based mobile botnet was proposed.It adopts different traffic consumption strategies according to different 3G or Wi-Fi network environments.Then scheduling algorithms to execute botnet commands was applied.The experimental results show the traffic adaptive algorithm can improve the stealthy and efficiency of mobile botnet while ensure that the botnet commands can be executed effectively.

    Trust-aware dynamic level scheduling algorithm in cloud environment
    Jie CAO,Guo-sun ZENG,Huo-wen JIANG,Hai-ying MA
    2014, 35(11):  39-49.  doi:10.11959/j.issn.1000-436x.2014.11.005
    Asbtract ( 281 )   HTML ( 1)   PDF (2202KB) ( 526 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Based on interpersonal trust model in sociology,a trust evaluation model is proposed based on users’ past experience with service provider,friends’ recommendations and third party’s feedback.By combining users’ trust requirement for service resource together with trust degree of service resource and dynamic level scheduling(DLS) algorithm,a novel scheduling algorithm was proposed that was called trust-aware dynamic level scheduling algorithm in cloud environment(CTDLS).The algorithm takes the cloud service resources’ trust degree into account when calculates the scheduling-level of task-resource pairs.The simulation experimental results show that such algorithms can effectively satisfy the tasks’ trust requirement and improve the success rate of parallel tasks scheduling in practice.

    Game theory based trust management method for mobile ad hoc networks
    Jing-jing GUO,Jian-feng MA,Qi LI,Tao WAN,Cong GAO,Liang ZHANG
    2014, 35(11):  50-58.  doi:10.11959/j.issn.1000-436x.2014.11.006
    Asbtract ( 339 )   HTML ( 3)   PDF (1080KB) ( 483 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A game model is proposed for the indirect trust information obtaining process.A suitable punishment mechanism and design the utility function for nodes in a MANET is given.Moreover,with evolutionary game theory,the trust evolution of nodes using replicator dynamic equation is analyzed and several theorems toillustrate preconditions under which each evolutionarily stable strategy can be achieved are proposed.Experiments verified the correctness and effectiveness of proposed method and simulated the dynamic evolutionary trend of the nodes under different parameters which experimentally proves the proposed theorems.

    secure communication
    Joint power control for untrusted relay cooperation-based confidential communication
    Wen-jiang FENG,Wei-heng JIANG,Yi-na DENG,Yang YUAN
    2014, 35(11):  59-68.  doi:10.11959/j.issn.1000-436x.2014.11.007
    Asbtract ( 235 )   HTML ( 2)   PDF (2247KB) ( 470 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The scenario that multiple cell-edge mobile stations (MS) all without direct-links to the base station (BS) but have confidential messages in the uplink in the presence of untrusted relay (UR) cooperation was considered.In order to implement the secure communication between BS and multiple MS,destination-based jamming (DBJ) scheme was adopted.With the assumption that all MS had fixed transmit power,the joint UR and BS power control which aims at maximizing system sum secrecy rate was discussed.For this problem,analysis indicated that it was equivalent to joint access control and power allocation problem thus its NP-hard.Through problem relaxation,a suboptimal MS access control and alternatively power allocation algorithm was provided.This algorithm is proved to have polynomial complexity and can converge to at least a suboptimal solution for original problem.Simulation results show that compared with the benchmark algorithms,the proposed suboptimal algorithm is better in the achievable secrecy rate performance.

    Secure and high throughput routing protocol with QoS constraints in cognitive wireless Mesh networks
    Zhu-fang KUANG,Zhi-gang CHEN,Guo-jun WANG,Hui LIU
    2014, 35(11):  69-80.  doi:10.11959/j.issn.1000-436x.2014.11.008
    Asbtract ( 248 )   HTML ( 0)   PDF (1161KB) ( 362 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A routing metric SIEB which includes link security,link conflict,link reliability and link available bandwidth was proposed.The SIEB includes link security and link performance two aspects.In order to resist various hole attack,the link trust value based on two hop neighbor feedback is computed in link security weight computing of SIEB.On this basis,a link security weight computing algorithm LSWC and a link performance weight computing algorithm LSPC were proposed,and a distributed routing protocol SIEBP with QoS constraints in cognitive wireless Mesh network was proposed.Finding safety routing path and maximizing the network throughput are the objective of SIEBP.Simulation results show that SIEBP routing protocol can achieve expectation goal.It can not only find safety routing path which can resist black hole attack,gray hole attack and worm hole attack,but also obtain a higher network throughput.

    network security
    Artificial noise aided secure beamforming for multi-antenna relay systems
    Li-jian ZHANG,Liang JIN,Lu LIU,Wen-yu LUO
    2014, 35(11):  81-88.  doi:10.11959/j.issn.1000-436x.2014.11.009
    Asbtract ( 255 )   HTML ( 8)   PDF (1306KB) ( 653 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In the amplify-and-forward (AF) relay systems,the confidential information forwarded by the relay can be intercepted by the eavesdroppers.For guaranteeing the secure communications,an artificial noise aided secure beamforming method is proposed.The goal is to maximize the secrecy rate of the system by jointly designing the beamforming matrix and the artificial noise (AN) covariance matrix at the relay subject to the total power and the per-antenna power constraints.This non-convex secrecy rate maximization (SRM) problem can be recast as a two-level optimization problem.The outer part can be solved by performing a one-dimensional search,and the inner part can be handled by the semidefinite relaxation (SDR) technique and interior-point methods.It is shown that there always exists a rank-one optimal solution for the SDR problem,i.e.,the relaxation is tight to the original problem.Simulation results demonstrate that the proposed method can improve the security performance of the system significantly.

    Coordinated beamforming for cognitive multi-cell networks with wiretap channels
    Dong-hua CHEN,Xiu-xiu ZHANG,Wei-bo XIE
    2014, 35(11):  89-95.  doi:10.11959/j.issn.1000-436x.2014.11.010
    Asbtract ( 245 )   HTML ( 2)   PDF (1050KB) ( 295 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Owing to the coupling among the vectors to be optimized,the problem becomes non-convex and non-linear.Accordingly,a centralized coordinated beamforming design method was proposed by constraining the leakage interference and using the semi-definite relaxation,and on the base of it,a decentralized algorithm was also proposed by decomposing the centralized design problem into a group of sub-problems on each cell’s base by using dual decomposition.Simulation results show that the proposed schemes make effective reduction in power consumption while guarantee the legal users’ secrecy rate requirement and the cognitive interference constraint.Moreover,the proposed decentralized method not only reduces the computational complexity,but also has the same performance as the centralized algorithm.

    Network isolation communication scheme to resist against covert channel
    Feng-hua LI,Miao-miao TAN,Kai FAN,Kui GENG,Fu ZHAO
    2014, 35(11):  96-106.  doi:10.11959/j.issn.1000-436x.2014.11.011
    Asbtract ( 355 )   HTML ( 5)   PDF (628KB) ( 514 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the rapid development of network technologies,real-time information exchanging between heterogeneous networks becomes more frequently.To effectively guarantee the secure and real-time information exchanging crossing different networks,a network isolation communication scheme (NICS) is proposed to resist against covert channel.A newly theoretical model of NICS is designed and proved based on the information theory,and followed with a specific solution.Security analysis indicates that the NICS is able to effectively solve problems of the potential packet lengths’ covert channel (PLCC) and the status covert channel (SCC) in most of the existing work; and,given similar amount of information for exchanging,the NICS can achieve equivalent security degree with the physical isolation in terms of resisting against the covert channel.

    security protocol
    GUC-secure protocol for private relational join operator computing
    Yuan TIAN,Rong-xin SUN,Wu-yang CAI
    2014, 35(11):  107-116.  doi:10.11959/j.issn.1000-436x.2014.11.012
    Asbtract ( 302 )   HTML ( 2)   PDF (618KB) ( 304 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    It is one of important applications of secure multiparty computation that privacy-preserving SQL computation in distributed relational database.There are only few works dealing with provably-secure privacy-preserving data manipulations in contrast with comparatively abundant works on privacy-preserving data-query in database,among which the join operator is the most powerful in generating new data (relation).By making use of anonymous IBE (identity-based encryption) scheme and its user private-keys blind generation techniques,a very general cryptographic protocol framework is proposed for secure 2-party join computation.This construction is provably GUC (generalized universally composable) secure in the standard model with acceptable efficiency.

    SAT-based lazy formal analysis method for security protocols
    Chun-xiang GU,Huan-xiao WANG,Yong-hui ZHENG,Dan XIN,Nan LIU
    2014, 35(11):  117-125.  doi:10.11959/j.issn.1000-436x.2014.11.013
    Asbtract ( 265 )   HTML ( 1)   PDF (1530KB) ( 659 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A SAT-based security protocol formalization analysis method named SAT-LMC is proposed.The method introduces optimized the initial state and transformational rules with “lazy” idea.The efficiency of detection is significantly improved.Moreover,by adding support for strong type flaw attack defect,the attack detection becomes more comprehensive.A security protocol analysis tool is implemented based on the method; a type flaw attack is detected for protocol Otway-Rees.For OAuth2.0 protocol,analysis shows that there is a kind of man-in-the-middle attack of the authorization code in some application scenarios.

    Provably secure and efficient certificateless sequential multi-signature scheme in random oracle model
    Yan XU,Liu-sheng HUANG,Miao-miao TIAN,Hong ZHONG
    2014, 35(11):  126-131.  doi:10.11959/j.issn.1000-436x.2014.11.014
    Asbtract ( 291 )   HTML ( 2)   PDF (1362KB) ( 957 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Certificate less sequential multi-signature scheme could resolve the problem of authentication of recommendation information transmitted through trust train.Qin yan-lin,et al proposed an efficient certificateless sequential multi-signature scheme,and proved the security is based on the fact that computational Diffie-Hellman problem is hard in the random oracle.It is found that Qin's scheme is insecure against the forgery attack after analysing the security proof.If an adversary has obtained the signers’ multi-signature,it can forgery the multi-signature for any other message.Then,a more efficient certificateless sequential multi-signature scheme is construced which has lower computation cost and communication cost for using less bilinear pairings and only generating one signature message.Finally,the security proof shows that the proposed scheme can resist the forgery attack under the model of random oracle.

    Edwards curves based security authentication protocol for mobile RFID systems
    Yu-long YANG,Chang-gen PENG,Zhou ZHOU,Xiao-pei ZHANG
    2014, 35(11):  132-138.  doi:10.11959/j.issn.1000-436x.2014.11.015
    Asbtract ( 221 )   HTML ( 3)   PDF (941KB) ( 299 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Existing work about RFID authentication protocols is usually difficult to adapt to mobile RFID systems.In order to solve the problem,an Edwards curves based security authentication protocol for mobile RFID systems is proposed.The protocol can improve the ability of resisting the side channel attacks by using the Edwards curve and the elliptic curve discrete logarithm problem is applied to implement safety certification.Further the tag and reader’s untraceable privacy is proved by using the provable security method,the security analysis shows that the protocol can be more effective against for various attacks which have existed.Compared with the existing structure similar to RFID authentication protocol,the protocol has better scalability and its security and performance is superior to other solutions.

    New secure distributed secret sharing scheme of n product
    Zhen-hua CHEN,Shun-dong LI,Bao-cang WANG,Ji-liang LI,Xin LIU
    2014, 35(11):  139-145.  doi:10.11959/j.issn.1000-436x.2014.11.016
    Asbtract ( 293 )   HTML ( 5)   PDF (1207KB) ( 1303 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Since Shamir’s secret sharing scheme does not have the property of the multiplicative homomorphism,an encoding method is utilized for privacy-preserving data to overcome the drawbacks in secure distributed multiplication calculation when using traditional Shamir’s polynomial to share the product of n secrets.Using this encoding method with multiplicative homomorphism and a commitment scheme supporting additive homomorphism,a new secure distributed secret sharing scheme of n product in one session is implemented and the proposed scheme is secure under the presence of malicious participants.The analysis shows that proposed scheme is not only more simple and feasible but also more efficient than previous schemes.

    New remote authorization protocol for vehicle diagnosis
    Zheng-da JIAO,Jian-feng MA,Cong SUN,Qing-song YAO
    2014, 35(11):  146-153.  doi:10.11959/j.issn.1000-436x.2014.11.017
    Asbtract ( 208 )   HTML ( 0)   PDF (537KB) ( 288 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The authorization of diagnosis principals is a critical problem in the remote fault diagnosis of vehicles.Considering the defects of the previous authorization protocol for the remote diagnosis,i.e.PVAUDS,a novel authorization protocol is proposed,named PVAUDS+.In addition to the enforcement on the security properties of PVAUDS,the bidirectional authentication and the freshness of authorization tickets for the diagnosis principals are provided.The resistance of Denial-of-Service (DoS) attack for the trusted third party is also provided.The proposed security targets are achieved through the cost increasing of requests for the resistance of DoS attack,the automatic proof of security properties with the ProVerif tool.The results of quantitative analysis show proposed protocol is practical for use.

    privacy protection
    KAP:location privacy-preserving approach in location services
    Yu-hang WANG,Hong-li ZHANG,Xiang-zhan YU
    2014, 35(11):  182-190.  doi:10.11959/j.issn.1000-436x.2014.11.021
    Asbtract ( 274 )   HTML ( 0)   PDF (1451KB) ( 356 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Preserving location privacy is an essential requirement in mobile internet.A location privacy protection approach named KAP was proposed which aimed at the privacy issue of location service under the mobile Internet.Through the analysis on locating technology,a weighted adjacent graph-based topology model was given in order to describe the positional relationship between hot spots.Meanwhile,with the help of the model,combining the concept of k-anonymity,three privacy algorithms was shown to make sure the location can not be obtained precisely by attacker.The simulation results verified the correctness and performance of the approach.

Copyright Information
Authorized by: China Association for Science and Technology
Sponsored by: China Institute of Communications
Editor-in-Chief: Zhang Ping
Associate Editor-in-Chief:
Zhang Yanchuan, Ma Jianfeng, Yang Zhen, Shen Lianfeng, Tao Xiaofeng, Liu Hualu
Editorial Director: Wu Nada, Zhao Li
Address: F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China
Post: 100079
Tel: 010-53933889、53878169、
53859522、010-53878236
Email: xuebao@ptpress.com.cn
Email: txxb@bjxintong.com.cn
ISSN 1000-436X
CN 11-2102/TN
Links
More...
Visited
Total visitors:
Visitors of today:
Now online:
Copyright of website © 2021 Journal on Communications
Address: F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China   Post: 100079
Tel: 010-53933889、53878169、53859522、53878236   Email: xuebao@ptpress.com.cn; txxb@bjxintong.com.cn