SHAO Bing,LU Dong-ming

2000-01-01

Abstract:Data encryption is one of the key techniques for information security. In the beginning of this paper, the present encryption methods are analyzed. Next, we design one practical system which can transmits data in the Internet and has the capacity of digital signature and authentication. Finally, some technical issues encountered in the system implementation are discussed

GAO Sheng,CHEN Xing-shu,WANG Wen-xian,GUO Dong-jun

DOI: https://doi.org/10.3969/j.issn.1001-0548.2007.06.027

2007-01-01

Abstract:In order to deal with network data in kernel mode for developers, Windows Network Device Interface Standard (NDIS) provides standard developing interfaces. Based on NDIS intermediate, this paper introduces a new security data transmission model. The difference from traditional IPSec and SSL is that this model imports security server to traditional client server model and puts forward a new method to deal with data on top of NDIS intermediate. This model is able to ensure the security of data transmission and anti-scouted of transmission, it also not be effected by NAT.

Zhimin Guo,Zhuo Lv,Cen Chen,Wen Yang,Mingyan Li

DOI: https://doi.org/10.1109/icpds47662.2019.9017171

2019-01-01

Abstract:The stolen or modified data transmission between the primary station and the terminal in the distribution network automation communication system will have a great impact on the security of the entire distribution network, and the large-scale distribution network encrypts the communication data between the primary station and the terminal. Efficiency puts higher demands. Based on the national network adjustment [2011] No. 168 document and the current distribution network security protection scheme, a high-reliability automated distribution network model management scheme based on two-way encryption authentication technology is proposed. Solve the problem that the uplink data of the terminal is not credible due to the single authentication between the primary station and the terminal in the current distribution network protection scheme. Compared with the current distribution network, the proposed scheme integrates the network layer and the application layer, unified key management, and implements a low-latency, highly trusted two-way encryption authentication mechanism for data transmission between the primary station and the terminal. It is the first in China.

LI Peng,JIANG Zejun,WANG Lifang

DOI: https://doi.org/10.3969/j.issn.1009-8054.2007.02.068

2007-01-01

Abstract:The traditional SSL model only used in Https and SSL VPN.It can not be widely used in other fields due to the limitation of the certificate.This paper will works on a modified SSL communication model.It will utilize the two-factor Authentication technology, using the way of Clock Synchronization.The new model avoid the certificate, which enhance the security and usability of the network communication.

NIU Ben,LI Hui,ZHU Xiaoyan

DOI: https://doi.org/10.3969/j.issn.1674-5825.2011.06.007

2011-01-01

MANNED SPACEFLIGHT

Abstract:Communication Security problem is a great challenge for the further development of space science and technology.Based on the design principle and method of communication systems security,characteristics of space communications and threats for space networks are analysed.An authentication model is proposed for the space communication networks. This model is based on multi-level key management and composite identity authentication to give forceful supplement for the secure part of the CCSDS standard.The proposed model is efficient and has practical significance.

Xuhong Li,Guan Wang,Wenwen Pan

DOI: https://doi.org/10.1504/ijaacs.2021.114289

2021-01-01

International Journal of Autonomous and Adaptive Communications Systems

Abstract:Aiming at the security problems of data monitoring, and forgery and tampering in the process of wireless communication network, this paper proposes a lightweight data encryption algorithm based on dynamic key, in which an authentication scheme combining with the characteristics of communication system is constructed. Firstly, the communication network structure is constructed based on encryption algorithm by using C/S security agent model. Furthermore, the data symmetric encryption and decryption are completed by using exclusive OR algorithm. In addition, adopting hash algorithm which can complete data integrity authentication, and reduce resource consumption in keys and message. The libmodbus open source libraries are employed to simulate the master/slave device communication, and simulation results show that the improved scheme ensures the synchronisation and accurate key updating, realises the self-organisation and management of the key. At the same time, the proposed algorithm has great advantages in resource consumption, compared with other algorithms.

Xin Mao,Yang Liu,Song Feng Lu,You Li

DOI: https://doi.org/10.4028/www.scientific.net/aef.6-7.932

2012-01-01

Advanced Engineering Forum

Abstract:Data privacy and integrity will be the crucial and significant factors in recent times for network applications. To deal with these security problems related to symmetric and asymmetric key types have been framed. In this paper, we suggest a new secure communications solution for a secure channel that combines the digital envelopes and digital signatures and implements with symmetric key algorithm of AES and the asymmetric key algorithm of ECC. The experiment result shows it’s a more perfect choice.

CUI Zhi-gang,CAO Yuan-da,ZHANG Wen-kai,TAN Yu-an

DOI: https://doi.org/10.3969/j.issn.1001-3695.2006.07.034

2006-01-01

Abstract:A wireless trade security model for K-Java handset and PDA(Personal Digital Assistant) is proposed.RSA algorithm is adopted to encrypt the one-time message and the session key if it is necessary to encrypt the successive data.The mode is fit with the wireless network due to its high performance and it is also versatile and scalable.

WANG Tao,LU Xian-Liang,DUAN Han-Cong

DOI: https://doi.org/10.3969/j.issn.1002-137x.2006.05.026

2006-01-01

Computer Science

Abstract:Security is always the main problem which restricts the development of P2P networks.Current models can't guarantee the authenticity,confidentiality and integrity of the data in P2P communication.To address these problems, this paper presents a novel SSL-based P2P secure communication model.The distributed CA and SSL mechanism are provided in the model.By using layer-independence technique,the model can be inserted into existing P2P networks easily.Results of simulations show that the proposed model is feasible and efficient.

Lan Luo,ZhiGuang Qin,ShaoQuan Jiang

DOI: https://doi.org/10.1109/CISP.2008.22

2008-01-01

Abstract:In order to encapsulate data and to convey information more efficiently and more security, a draft frame based on active block ciphers for application layer of Internet which could transmit orange data into semantic security and semantic integrity was designed according to scalable purpose. To different network environment, there were different intelligent choices about block cipher algorithms to enforce secure. A proposal which used different block cipher algorithms in reason was demonstrated its security. The secure structure layer was designed by intelligent method. It took the approach that both the intelligent access authentication based on block ciphers and data secure by block ciphers were flexible and scalable means for information secure conveyed through the network application layer.

Xiaofeng XIA,Hong XIANG,Zhenyu XIAO,Ting CAI

DOI: https://doi.org/10.11999/JEIT190893

2020-01-01

Abstract:For the security of industrial control system, a framework for Numerical Control System(NCS) network security protection technology is proposed. The SM2, SM3 and SM4 algorithms in the domestic cryptographic algorithms are used to design and establish the AUTHentication and VRFfication (AUTH-VRF) model of the Computerized Numerical Control(CNC) network, which provides security protection for both internal and external sides. The external side conducts the security authentication for communication and transmission between CNC network devices to achieve network segment isolation. The internal side verifies communication protocol integrity to ensure that the operating procedures received by the field devices are correct and valid. The external protection device designed and deployed based on the SM2, SM3 and SM4 algorithms provides identity authentication and file encryption transmission for communication between the Distributed Numerical Control(DNC) device and the CNC system. At the same time, for the proprietary industrial communication protocol data in the CNC network, the SM3 algorithm is used to verify its integrity. The network attack experiments prove that the AUTH-VRF model can provide effective security certification and integrity protection for industrial production data in CNC networks. It also provides a practical technical approach to meet the requirements of ‘secure and controllable both for domestic and foreign products’, as well as ‘applying security technique to all layers of Industrial Control Systems’ for protecting the critical infrastructure.

Minghan Chen,Fangyan Dai,Bingjie Yan,Jieren Cheng,Longjuan Wang

DOI: https://doi.org/10.48550/arXiv.2002.01391

2020-02-05

Abstract:Distributed network of the computer and the design defects of the TCP protocol are given to the network attack to be multiplicative. Based on the simple and open assumptions of the TCP protocol in academic and collaborative communication environments, the protocol lacks secure authentication. In this paper, by adding RSA-based cryptography technology, RSA-based signature technology, DH key exchange algorithm, and HAMC-SHA1 integrity verification technology to the TCP protocol, and propose a security strategy which can effectively defend against TCP session hijacking.

Cryptography and Security

Xiao-Wei Pu,Yuyu Zhao,Yun-fei Li,Yuanjun He,Liqi Ou

Abstract: Abstract — Network security is required more by the development of e-commerce. Data encryption is an effective method to ensure network security. In this paper, Advanced Encryption Standard (AES) algorithm and Elliptic Curve Cryptography (ECC) algorithm were analyzed, and their advantages and disadvantages were found. Then a hybrid encryption strategy based on AES and ECC was proposed for the security protection of e-commerce networks. The performance of mixed encryption strategy was analyzed through different experiments, and it was found that AES algorithm and ECC algorithm had obvious advantages in symmetric and asymmetric algorithms. AES+ECC hybrid encryption strategy had lower space complexity and higher security. It took only 1000 ms to process 50 M packets. Experimental results demonstrated the reliability of AES+ECC hybrid algorithm. It provides some theoretical basis for its application in e-commerce network security protection.

Computer Science

Mohamed Elhoseny,K. Shankar

DOI: https://doi.org/10.1109/tr.2019.2915800

IF: 5.883

2020-09-01

IEEE Transactions on Reliability

Abstract:In recent years, the need for high security with reliability in the wireless network has tremendously been increased. To provide high security in reliable networks, mobile ad hoc networks (MANETs) play a top role, like open network boundary, distributed network, and fast and quick implementation. By expanding the technology, the MANET faces a number of security challenges due to self-configuration and maintenance capabilities. Besides, traditional security solutions for wired networks are ineffective and inefficient because of the nature of highly dynamic and resource-constrained MANETs. In this paper, the researchers focus on improving reliable data transmission with high security in the MANET using an optimization technique. In the proposed MANET system, the nodes are clustered by utilizing an energy-efficient routing protocol. Then, the modified discrete particle swarm optimization is used to select the optimal cluster head. A secured routing protocol and a signcryption model can be used to improve the transmission security of the reliable MANET. The signcryption algorithm encrypts the digital signature, which can enhance the overall efficiency and confidentiality. The security-based analysis is performed on the basis of packet delivery ratio, energy consumption, network lifetime, and throughput. Finally, the result demonstrates that the MANET with optimization techniques achieves a high transmission rate and improves the reliable data security.

engineering, electrical & electronic,computer science, software engineering, hardware & architecture

Jiao JIAO,Xian-hui LIU,Wei-dong ZHAO

2013-01-01

Abstract:With the growing popularity of the Internet, the network has brought to people's lives a lot of convenience, but the network communication data security problems are threatening people's privacy and property. This paper is designed and imple-mented a communication model based on real-time security model which ensures the data security with three aspects:informa-tion can be recognized from the identity of each other, the information can not be tampered, the information can not be denied. At the same time, this module also ensures the effectiveness of the information. The paper also verifies the validity of the model and algorithm. The model enjoys a certain application value in the network communications security field.

DENG Zhi-hong,YAN Jun-biao,CAI Yue-hua,CAI Hai-bin

DOI: https://doi.org/10.3969/j.issn.1000-7024.2007.02.034

2007-01-01

Abstract:The Internet/Intranet emergence provided for the business enterprise a fast,efficiently,convenient network environment.But the security problem of network information system is more and more outstanding.PKI provide a real credible,steady,secure platform for secrecy application based on network.Firstly,the security problem of network and the architecture of PKI/CA system are discussed.The further improvement is made.A network information secure model based on PKI technology is designed and the safe system on net-work according to this model is set up.Finally,a practical instance of e-commerce is analyzed in detail.

Wei Li

DOI: https://doi.org/10.3321/j.issn:0253-987X.1999.07.001

1999-01-01

Abstract:A router-based approach to authenticate TCP/IP network activities dynamically is presented. The objective is to enhance network security by giving each user identity that can't be forged. The model consists of a security authentication server running on router, a security client running on user machine and a log server running on NMS (network management station). Discussed in detail here the effectiveness of this model. This model makes it easier for network manager to solve the problem of IP spoofing, and to trace network hacking activities.

Wang Jian,Liu Xu,Ji Xiaoyong

DOI: https://doi.org/10.1109/ICEE.2010.898

2010-01-01

Abstract:Information security is a necessary safeguard for mobile e-commerce and a secure communication system to obtain high quality secure communication in wireless environment is introduced, which is integrating three kinds of encryption algorithms including AES, RSA and CPRS chaos encryption. Secure communication framework based on three-layer encryption model is proposed: (1) AES layer of system code decrypt, system boot and the system self-destruct; (2) RSA layer of authentication, key negotiation and key management functions; (3) CPRS layer of communication data stream encryption and decryption. The implementation and optimization of the above-mentioned three kinds of algorithms are discussed. The experiments show the three kinds of encryption algorithms are safe and reliable to achieve a high degree of secure communication.

Ziheng Wang,Heng Chen,Weiguo Wu

DOI: https://doi.org/10.3390/en13215777

IF: 3.2

2020-01-01

Energies

Abstract:In Wireless Sensor Networks (WSNs), server clusters, and other systems requiring secure transmission, the overhead of data encryption and transmission is often not negligible. Unfortunately, a conflict exists between security and efficiency in processing data. Therefore, this paper proposes a strategy to overcome this conflict, called Client-Aware Negotiation for Secure and Efficient Data Transmission (CAN-SEAT). This strategy allows a client with different security transmission requirements to use the appropriate data security transmission without modifying the client. Two methods are designed for different clients. The first method is based on two-way authentication and renegotiation. After handshakes, the appropriate data security transmission scheme is selected according to the client requirements. Another method is based on redirection, which can be applied when the client does not support two-way authentication or renegotiation. For the characteristics of different architecture, this paper classifies and discusses symmetric key algorithms, asymmetric key algorithms, and hardware encryption instructions. In four application scenarios, the CAN-SEAT strategy is tested. Compared with the general transmission strategy, when only software encryption is used, the data processing and transmission cost can be reduced by 89.41% in the best case and by 15.40% in the worst case. When supporting hardware encryption, the cost can be reduced by 85.30% and 24.63%, respectively. A good effect was produced on the experimental platforms XiLinx, FT-2000+, and Intel processors. To the best of our knowledge, for Client-Aware Negotiation (CAN), this is the first method to be successfully deployed on a general system. CAN-SEAT can be easily combined with other energy-efficient strategies.

Shaik Rasool,G. Sridhar,K. Hemanth Kumar,P. Ravi Kumar

DOI: https://doi.org/10.48550/arXiv.1110.1701

2011-10-08

Cryptography and Security

Abstract:This paper puts forward a safe mechanism of data transmission to tackle the security problem of information which is transmitted in Internet. The encryption standards such as DES (Data Encryption Standard), AES (Advanced Encryption Standard) and EES (Escrowed Encryption Standard) are widely used to solve the problem of communication over an insecure channel. With advanced technologies in computer hardware and software, these standards seem not to be as secure and fast as one would like. In this paper we propose a encryption technique which provides security to both the message and the secret key achieving confidentiality and authentication. The Symmetric algorithm used has two advantages over traditional schemes. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the security level is higher due to the inherent poly-alphabetic nature of the substitution mapping method used here, together with the translation and transposition operations performed in the algorithm. Asymmetric algorithm RSA is worldwide known for its high security. In this paper a detailed report of the process is presented and analysis is done comparing our proposed technique with familiar techniques