SHAO Bing,LU Dong-ming

2000-01-01

Abstract:Data encryption is one of the key techniques for information security. In the beginning of this paper, the present encryption methods are analyzed. Next, we design one practical system which can transmits data in the Internet and has the capacity of digital signature and authentication. Finally, some technical issues encountered in the system implementation are discussed

TIAN Yu-hong,WANG Ze-bing,FENG Yan

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.24.029

2006-01-01

Abstract:The Java virtual machine(JVM)is used more frequently as the basic engine behind dynamic web services.With the proliferation of network attacks on these network resources,much work are done to provide security for the network environment.Little effort has been placed on securing a Java web server where the attacker has a valid login to the host machine.After describing the vulnerabilities in Java's security mechanisms,an extended security system based on Java 2 security architecture is introduced.It also explains the runtime status of system.The increased assurance of correct system operation and the integrity of Java application server are provided.

黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

刘扬,陈晓鹏,苑新玲,董开坤

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.18.052

2008-01-01

Abstract:Based on considering the network security and content security,an proposal based on enterprise secret information detection is brought forward,this proposal discussed several influencing factor of enterprise data safe transmission on the Internet such as physical security,system/desktop security,network security,data security,application security and administrative security in the angles of network topology,security architecture and security management control platform,corresponding implementation method and the enci-phered transmission method are presented,which will keep the confidentiality,the integrity and the usability of enterprise data transmission.

GAN Zhi-hua,JI Chao

DOI: https://doi.org/10.15991/j.cnki.411100.2005.04.023

2005-01-01

Abstract:Aboutthe security based on B/S structure,this paper puts forward a Resolvment at filtration of sensitive information.Actual test indicates that the scheme is effective and feasible.

Ping Zhang,Zeguo Wei

DOI: https://doi.org/10.1109/icitis.2010.5689454

2010-01-01

Abstract:Aiming at the security problems of the important disclosed files on Intranet, an intelligent transparent encryption model is proposed. This model can unify policies of rank management security for all hosts on Intranet. Combined with the security assessment process, evaluating secret level of documents in the host, this model decides whether to file for dynamic encryption. Through the practical application of the model, the security is enhanced greatly on the Intranet.

Dongjiu Geng,Jun Wen,Wenhong Tian

DOI: https://doi.org/10.1109/ICCCAS.2010.5582035

2010-01-01

Abstract:Radio Frequency Identification (RFID) systems have become popular for automated identification and supply chain applications, This article focuses on the problem of privacy and security, propose a security scheme to deter unauthorized users from accessing the tag and other problems that could lead to the violations of information stored in the tag, ensuring the safety transmission of data. Then the paper presents the security implementation based on the architecture of the scheme. Finally make an evaluation to the scheme both in the security and in the efficiency. © 2010 IEEE.

Wanbo Zheng,Shufen Liu,Zongwei Liu,Qingxing Fu

DOI: https://doi.org/10.1109/sws.2009.5271783

2009-01-01

Abstract:With the analysis of IPv6's IPSec protocol and principles, the paper designs various modules of IPSec, and achieves IPSec function. By the analysis of the FTP under IPv4 and IPv6 environment, the paper realizes the function of FTP in data transmission of IPv6. The test results of FTP data transmission based on IPSec show that the data transmission is successful and secure, the design and realization are feasible.

Xiaosong Zhang,Fei Liu,Ting Chen,Hua Li

DOI: https://doi.org/10.1109/cis.2009.107

2009-01-01

Abstract:Traditional data leakage prevention strategies encompass access control, audit logon and authority management. They have some effects on preventing sensitive information from leakage, while the system’ s availability may be degraded seriously by their limitation. To solve this problem, a novel model based on Windows file system filter driver is proposed in this paper, in which system encrypts files automatically according to encryption strategies. Leaking confidential information out of enterprise environment, intentionally or unintentionally, will be prevented effectively. Moreover, it has the characteristic of mandatory and transparent encryption, which can compromise the contradiction between data security and user flexibility.

CUI Jian-Ming,FAN Li-Lin,WANG Xiao-Dong

DOI: https://doi.org/10.3969/j.issn.1672-6871.2006.03.012

2007-01-01

Abstract:Security and reliability of Web Services-based distributed system is introduced.Main technologies of current Web Services data transfer are analyzed and their weak points discussed.On this base,a detailed solution,which is a combination of encryption and digital signature to communicate with customer-end with canonical XML,is put forward.The transfer security of share data and the reliable trust relation between Web Services Server and customer is enhanced by this solution.

Yanjie Zhang,Qiqi Shu,Yubo Wang,Yin Gao,Lei Zhang,Yan Li

DOI: https://doi.org/10.1109/EI2.2018.8582358

2018-01-01

Abstract:With the increasing mutual interaction between smart grid and users, intelligent acquisition terminals and mobile operation terminals are widely used and accessed. The types of data transmitted in the network are more complex, and the requirements for information security protection are higher. Currently, the general security protocols for power systems do not meet the new requirements. This paper studies ISO/IEC 9798 series of standards, combines key agreement, entity authentication and hybrid algorithm technology, designs a secure channel protocol for high-security data transmission, and analyzes its complexity and time performance. Finally, it is completed based on security chip. Data transmission test shows that it has the characteristics of high security and flexible protocol, and can effectively meet the security and real-time requirements of data communication.

Ai Ning Li,Sheng Li Hu,Jin Qing Chi,Peng Bo Wu

DOI: https://doi.org/10.4028/www.scientific.net/amm.701-702.1004

2014-12-01

Applied Mechanics and Materials

Abstract:Objectives: Solve the security problems on information transmission between different debarments in hospital management network system. Methods: Put forward a security transmission mechanism based on ECC and AES algorithm which using the hybrid encryption scheme combined with ECC and AES algorithm to ensure the safety of the information transmission process, using the ECC signature algorithm to achieve the identity authentication between different functional departments, using the hash function to realize the integrity authentication of information. Results: This mechanism has been implemented by Java programming and it could effectively ensure the security of information transmission which has been proved by practice. Conclusions: The algorithm of this security Mechanism has been implemented by using java language. Experimental results show that it is effective to keep the security of information transmission..

English Else

Yi-Li Huang,Fang-Yie Leu,Ko-Chung Wei

DOI: https://doi.org/10.1016/j.mcm.2012.11.022

2013-09-01

Mathematical and Computer Modelling

Abstract:Recently, wireless networks, such as Wi-Fi and 3G, have been widely equipped and popularly used in the world. People holding smart devices can conveniently access the Internet services through modern wireless networks. However, when people are enjoying using wireless systems, network security has been a crucial challenge because wireless messages, encrypted or unencrypted, may be maliciously intercepted by hackers. After analyzing and/or decrypting the messages, hackers can illegally capture or steal important information, such as credit card numbers or usernames/passwords, carried in the messages. Currently, SSL and IPsec are utilized to protect the delivery of these types of information. However, each of the two security protocols has its own drawbacks both in their key exchange and message encryption/decryption processes. To solve these drawbacks, in this paper, we propose a secure communication system, named the Wireless Security System with Data Connection Core (WiSDC for short), which consists of two security schemes, including a symmetric key exchange process and a two-dimensional stream cipher mechanism. The former employs random numbers and the connection keys contained in the Data Connection Core (the DCC for short) to generate internal keys, through which the security level of the key exchange process can be enhanced. Here, the DCC is a set of random numbers created when the underlying user registers himself/herself with the wireless system being considered, and the random numbers are only known to the user and AAA server of the wireless system. The latter invokes two operators, including exclusive-or⊕ and binary adder +2 operators, and two Pseudo Random Number Sequences (PRNSs) to encrypt plaintext so as to well protect the ciphertext. The WiSDC also adopts a pseudo random number generator, which feeds back keys in current stage as a part of the inputs of the next stage, to generate more complicated keys for data encryption. Experimental results show that the WiSDC can effectively protect transmitted messages for wireless environments. The analytical results indicate that the WiSDC has higher security level and execution efficiency than those of the SSL and IPsec.

Cheng Zhan,Xie Li

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.10.007

2008-01-01

Abstract:Web Service security problem is one of the highlighted topics in information security area recently.This article presents two security mechanisms for Web Services,transport-level security and message-level security.Then the security technology used to implement message-level security is introduces in detail.Finally,it gives a conclusion to Web Service security and proposes a new Web Service layered security model.

王雪平,徐寿怀,张根度,荆金华

DOI: https://doi.org/10.3321/j.issn:1000-436x.2001.08.012

2001-01-01

Abstract:Our secure electronic commerce system, which has been successfully embedded into the popular Netscape Browser and Server on the Internet, is presented in the paper. We focus our attentions in this paper on the secure requirements related to infrastructure, the system architecture,the system function, and the key tech- niques. And we discuss secure mechanism related to electronic commercs system in detail.

Liang TAN,Xun LUO,Ming-tian ZHOU

DOI: https://doi.org/10.3969/j.issn.1001-0548.2007.03.005

2007-01-01

Abstract:In this paper, the Trusted Authentication Gateway System (TAGS), based on Trusted Platform Model (TPM) of Trusted Computing Group (TCG), is presented, its design and principle are introduced, and deficiencies of TAGS are analyzed. Key and certification are resident in TPM on client platform, so verifier can decide that when a secure link between client and server could be established by TAGS.

Qi Yongzhen,Wang Xin'an,Feng Xiaoxing,Gu Weqing

DOI: https://doi.org/10.1109/asicon.2009.5351524

2009-01-01

Abstract:This paper presents a security-enhanced baseband system for UH R ID tag, which is based on ISO1 000- B protocol. The proposed baseband system consists of the following modules Receiver, Controller, Power Management (PM), Transmitter, Advanced Encryption Standard with 12 bits cryptographic key (AES-12), and Cyclic Redundancy Check (CRC). AES-12 is the encryption engine, which is designed and implemented properly for low cost requirement. Tag uses AES-12 to protect sensitive data in memory and realize mutual authentication with reader. As the actual length of data transacted between reader and tag is less than 12 bits, a novel data flow is given to enhance security strength. The chip was designed using 0.1 mu m CMOS process. Total area of the baseband system is 5 mu mX3 0 mu m excluding pads. Power analysis shows that it consumes. mu w IV. The chip is under fabrication.(1)

LIU Sheng-li,WANG Wen-bing,FEI Jin-long,ZHu Yue-fei

DOI: https://doi.org/10.3969/j.issn.1671-0673.2010.01.019

2010-01-01

Abstract:This paper designs and realizes a data security system for LAN based on Trusted Network Connection(TNC) Specifications.According to TNC mechanism,the new system enforces the network access control method and employs the file system filter driver to monitor and protect sensitive data.In terms of these means,the system can prevent sensitive data from being divulged or stolen and to implement all the files are controlled into the trusted network environment.

李彦堃,谢憬,毛志刚

DOI: https://doi.org/10.3969/j.issn.1004-373x.2009.01.028

2009-01-01

Abstract:Radio Frequency Identification(RFID),as a noncontact autoidentifying technology,has become increasingly crucial in our daily life.But there are some potential problems in security and privacy because of the wireless communication between readers and tags.This paper illustrates a new secure communication model based on the existing RFID security system,which meets the EPCglobal Class1 Gen2 protocol.An improved DES encrypt algorithm is also applied in this system to enhance the security.