黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

Huijuan Zhou,Limin Jia,Yong Qin

2010-01-01

Abstract:Based on the analysis of the concept and characteristic of emergency planning, the content system of railway emergency planning is put forward, which includes railway science and technology security construction planning, railway emergency operation management planning, railway emergency platform construction planning, railway operation safety construction planning, railway emergency resource allocation planning, railway emergency propaganda and education planning. In addition, the implementation scheme of railway emergency planning is presented from the perspectives of system and dynamic and the detail flow chart is built. It could provide general guidance for railway emergency planning.

LI Hetian,LIU Yun,HE Dequan

DOI: https://doi.org/10.3321/j.issn:1001-4632.2007.01.023

2007-01-01

Abstract:A security risk evaluation method based on fuzzy-set comprehensive evaluation theory is demonstrated in this paper to obtain the aim of quantitatively assessing security risk.The security risk is evaluated by making the fuzzy matrix for security risk and addressing risk factor set,security risk indicator sets and the weigh coefficient of security risk factors and applied to the railway passenger ticket system.The security targets provided by the railway passenger ticket system consist of system security,availability,identification authenticity and transaction reliability in order to protect the physical assets and information assets in face of the threats which come from system itself,personnel, environmental and natural disasters.The proposed model for security risk evaluation is used to calculate the security severity of Web server for the system.The numeric results for security risk also provide a method to decide the most critical component of the system which should arouse the system administrator enough attention to take the appropriate technical or administrative security measure or controls to enhance the security of the system.

WANG Yong-meng,XIA Shi-xiong,WANG Shang-fang

DOI: https://doi.org/10.3969/j.issn.1009-3044.2007.05.091

2007-01-01

Abstract:With the development of information technology enterprises increasingly high demand for information system security has received much attention in recent years. In this paper, network security, virus protection, system security tripartite face mainframe information system security analysis, and discussion of the technology for the realization.

Yue Xiao

2007-01-01

Abstract:This paper presents an information management system for the web public security cases based on the network.The realization plan and the function modules are outlined.The network security and the work flow engine are also discussed.

Yong Qin,Huijuan Zhou,Wei Jiang,Limin Jia

2008-01-01

Abstract:Based on the analysis of the system requirement of the emergency management information system of urban rail transit network (EMIS-URTN), a layered EMIS-URTN architecture including 4 vertical layers and 2 supporting layers, which are network layer, data layer, service layer, application layer, security layer and standard layer, was put forward. The new design system can satisfy the requirement of the urban rail transportation management department on the emergency response information sharing and decision-supporting, and has the advanced features with the visualization and spatial-temporal information integration implemented on GIS technologies. The key technologies of the implementation of this system, which are spatial-temporal data integration model, information sharing platform based on multi-agent system were described in detail. Finally, the practical system development applied into the traffic control center (TCC) for Beijing urban rail transit network demonstrates the effectiveness of the design and implementation of the EMIS-URTN.

Shu-Dan Yu

DOI: https://doi.org/10.1088/1742-6596/1800/1/012010

2021-02-01

Journal of Physics: Conference Series

Abstract:Abstract Cloud data center has become a trend and mainstream, and the first phase of the main data center of National Railway Group has been completed, and the main data center also adopts cloud computing technology. Compared with traditional data centers, cloud data centers bring great convenience of unified and flexible resource scheduling to railroads, but also bring many new security risks. Therefore, the study of security architecture and key technologies for cloud data centers becomes an important requirement for securing railroad cloud data centers. While cloud computing brings convenience to railroads, it also brings new security risks. By studying the information security model, we construct a cloud security architecture that meets the actual situation of railroads. In terms of responsibility, according to the level protection responsibility sharing model should be divided into cloud-based security protection and cloud platform foundation protection; in terms of construction, according to the sliding scale model, it should overlap and evolve, and gradually complete the security construction in several stages of infrastructure security, deep defense, active defense and threat intelligence.

English Else

Wenmin Zhu,Yuanhua Jia

DOI: https://doi.org/10.1088/1755-1315/108/4/042067

2018-01-01

IOP Conference Series: Earth and Environmental Science

Abstract:Based on the risk management theory and the PDCA cycle model, requirements of the railway passenger transport safety production is analyzed, and the establishment of the security risk assessment team is proposed to manage risk by FTA with Delphi from both qualitative and quantitative aspects. The safety production committee is also established to accomplish performance appraisal, which is for further ensuring the correctness of risk management results, optimizing the safety management business processes and improving risk management capabilities. The basic framework and risk information database of risk management information system of railway passenger transport safety are designed by Ajax, Web Services and SQL technologies. The system realizes functions about risk management, performance appraisal and data management, and provides an efficient and convenient information management platform for railway passenger safety manager.

WEI Zhen,LU Yang,BAO Hong-jie,LI Qian,TANG Jun

DOI: https://doi.org/10.3321/j.issn:1001-8360.2006.04.024

2006-01-01

Abstract:In enterprises the railway shunting process consists of formulation,transmission,implementation and recording of shunting opration plans.Currently the process is implemented basically by manual work in most railway stations and yards of enterprises,and it has become the main factor of restraints upon improving the shunting efficiency and management level.Transformation by modern information technology is urgently needed.From the view of building the intelligent-integrated information platform for traffic dispatching of enterprises,the paper expounds the structure and functions of the radio information system of shunting locomotives and places special emphasis on some technical characteristics such as radio communication,transmission of shunting opration plans,monitoring of locomotive states,working-out of shunting opration plans etc.The paper also analyses the relationships among processes of shunting,computer interlocking and management of goods flow information.

Zhenwan Zou,Yingsa Hou,Huiting Yang,Bin Wang,Ruxia Yang

DOI: https://doi.org/10.1109/itaic49862.2020.9338955

2020-12-11

Abstract:Aiming at the current status and risks of industrial control system information security, a security protection system was proposed from the technical and management levels. At the technical level, it strengthen security protection by setting up firewall protection, isolating engineer stations, conducting system security tests, and deploying network monitoring. At the management level, it improves safety management through measures such as real-time maintenance and updating of existing management systems and safety technology standards. Finally, the feasibility of this protection system was proved by experiments, which has certain reference significance for the research on safety protection of industrial control systems.

Ruyan Zhang,Guoqiang Cai,Limin Jia

DOI: https://doi.org/10.1109/ICICTA.2008.473

2008-01-01

Abstract:Based on the existing issues and status of urban mass transit (UMT) safety at home and abroad, many key influence factors for UMT safety are proposed in this paper. First, we have analyzed all relevant factors and causations of UMT safety under the human-machine-environmental system. Then, a safety assessment approach based on analytical hierarchy process is proposed in this paper for UMT operating security system. The multi-hierarchy valuation structure is established on the basis of key influence factors for UMT safety. The proposed approach can adjust the balance of safety assessment factors, and provide decision-making advices for the department managers for safety management and safety assessment.

Yu Zhiwei,Tang Rengzhong,Jia Dongjiao,Ye Fanbo

DOI: https://doi.org/10.3321/j.issn:1004-132X.2007.04.021

2007-01-01

Abstract:To identify the security requirements of information systems, a business process-based security requirement analysis method was presented. Focused on the business process security, the related assets which affect the business process security were identified by security tree model. The security requirements of assets were identified by risk packet and risk transferring model, and then the security requirements list was formed after coverage analysis. Finally, a case was studied to illustrate the proposed method.

Liang Ming,Gang Zhao,Minhuan Huang,Xiaohui Kuang,Hu Li,Ming Zhang

DOI: https://doi.org/10.1109/icdis.2018.00037

2018-04-01

Abstract:Modern vehicles in Intelligent Transportation Systems (ITS) can communicate with each other as well as roadside infrastructure units (RSUs) in order to increase transportation efficiency and road safety. For example, there are techniques to alert drivers in advance about traffic incidents and to help them avoid congestion. Threats to these systems, on the other hand, can limit the benefits of these technologies. Securing ITS itself is an important concern in ITS design and implementation. In this paper, we provide a security model of ITS which extends the classic layered network security model with transportation security and information security, and gives a reference for designing ITS architectures. Based on this security model, we also present a classification of ITS threats for defense. Finally a proof-of-concept example with malicious nodes in an ITS system is also given to demonstrate the impact of attacks. We analyzed the threat of malicious nodes and their effects to commuters, like increasing toll fees, travel distances, and travel times etc. Experimental results from simulations based on Veins shows the threats will bring about 43.40% more total toll fees, 39.45% longer travel distances, and 63.10% more travel times.

Xu WU,Si-ji HU,Yan-ping CUI,Qing LUO

DOI: https://doi.org/10.3969/j.issn.1003-3033.2005.04.020

2005-01-01

Abstract:The high-speed railway is new in China. Its safety is of great importance. In order to ensure its safety, the safety of infrastructure is of first importance. More important is to improve the safeguard by applying information technology and set up the information safeguard system. According to characteristics of high-speed railway and the theory of the safety system engineering, and referring to man-machine-environment system, the information safeguard system of the high-speed railway is established. Functions and component of each subsystem are introduced. Referring to the agent technology in artificial intelligence, the multi-agent system designed for information safeguard system of high-speed railway is proposed, which consists of the monitoring agent, judgment agent, diagnosis agent, processing agent, evaluation agent and management agent.

Xiaoqing Cheng,Lingxi Zhu,Limin Jia,Yong Qin,Ying Zhang,Jie Zhang

2010-01-01

Abstract:Nowadays, the railway emergency plan system has established basically. However, there are still some problems, such as the plans lacking of scientific and practical, lacking of technical support, and so on. So, this paper brings forward to construct a railway digital emergency plan system. The function and structure of this system is introduced. This system will play an important role and significance in emergency management. It is not only to a pure digital for the existing text plan, but rather to apply science into the field of emergency plan management in order to make the formulation and implementation of plan of standardization, visualization, and provide the assessments function of emergency effect and the simulation function of emergency exercise.

余冬梅,刘密霞,冯涛

DOI: https://doi.org/10.3969/j.issn.1673-629x.2004.02.041

2004-01-01

Abstract:The greater the availability of the network, the greater its vulnerability to threats from within and outside the organization. To an organization, an enterprise, constructing an appropriate network security system is very necessary. Based on a framework for network security system design put forwarded in, detailed analysis of the phase of network security design is made in this paper, and architecture model and policy management implemented model are given, which hangs security architecture, security policy implement and the enforced mechanism of network security together, and insures the transition between high-level security requirement analysis and the low-level system implementation smoothly.

ZS Yang,JM Hu

DOI: https://doi.org/10.1061/40503(277)125

2000-01-01

Abstract:As we know, Intelligent Transportation Systems (ITS) can improve safety, reduce congestion, enhance mobility, minimize environmental impact, save energy and promote economic productivity in our transportation system. However, China does not have a perfect strategic planning and architecture for ITS. It is important for China to develop ITS architecture. In terms of the characteristics of Chinese transportation, this paper creates ITS architecture, which defines the interface and interaction between three layers. Actually, this paper is mainly concerned about ITS architecture in urban and expressway transportation systems. Finally, this paper talks about the issues for future consideration of ITS in China.

Nan Cheng,Huapu Lu,Yijian Tang,Shuai Dai,Xinxin Yu

DOI: https://doi.org/10.1061/41127(382)7

2010-01-01

Abstract:Taking the Xiangtan Iron and Steel Group Co. Ltd as an example, the paper investigates the status of enterprise's rail leased line and analyzes the problems existing in the railway car operating. For solving these problems, this study develops an integrated transportation system to optimize the management process and proposes a package solution based on the advanced information technique and wireless communication technique. Finally, the paper summarizes the main function and key technique of the system and proves that it would be applicable to related industries. © 2010 ASCE.

Pablo López-Aguilar,Edgar Batista,Antoni Martínez-Ballesté,Agusti Solanas

DOI: https://doi.org/10.3390/s22207698

IF: 3.9

2022-10-12

Sensors

Abstract:Intelligent transportation systems will play a key role in the smart cities of the future. In particular, railway transportation is gaining attention as a promising solution to cope with the mobility challenges in large urban areas. Thanks to the miniaturisation of sensors and the deployment of fast data networks, the railway industry is being augmented with contextual, real-time information that opens the door to novel and personalised services. Despite the benefits of this digitalisation, the high complexity of railway transportation entails a number of challenges, particularly from security and privacy perspectives. Since railway assets are attractive targets for terrorism, coping with strong security and privacy requirements such as cryptography and privacy-preserving methods is of utmost importance. This article provides a thorough systematic literature review on information security and privacy within railway transportation systems, following the well-known methodology proposed by vom Brocke et al. We sketch out the most relevant studies and outline the main focuses, challenges and solutions described in the literature, considering technical, societal, regulatory and ethical approaches. Additionally, we discuss the remaining open issues and suggest several research lines that will gain relevance in the years to come.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Wang Yuanyuan

DOI: https://doi.org/10.2991/icsnce-18.2018.43

2018-01-01

Abstract:This paper explains the idea of information security and discusses the establishment of the security system of information network. By using the information system security engineering method, we will establish and improve the network security plan and disaster recovery plan through strict organization and management, adequate financial support, strong...