三网融合安全形势研究

文章归纳了计算机网络、有线电视网和电信网在三网分离环境下存在的信息安全问题和现有的安全防护技术,进一步分析三网融合后存在的安全问题,并针对不同的安全问题,从等级保护、边界防护、人为监管三个方面提出了解决思路。     

三网融合技术在高校网络化教育系统中应用的研究

该文介绍了目前我国三网融合及高校网络化教育系统的现状,分析了可实现三网融合的技术基础,介绍了应用于基于三网融合下高校网络化教育系统所用的关键技术,并给出了三网融合实现方案。     

物联网和云计算对等级测评的影响探究

信息安全等级保护制度是国家信息安全保障工作的基本制度和基本策略。而等级测评是用来检验和评价信息系统安全保护水平的重要方法。新技术的出现如云计算、物联网、三网融合等,给传统等级测评技术带来了新的挑战。本文以物联网和云计算为代表,探讨了新技术发展对等级测评产生的影响,旨在推动等级测评技术的发展,为其深入研究提供理论参考。     

信息安全等级保护中等级测评的CAE建模

CAE模型具有很强的层次性与结构性,被广泛用于复杂的信息安全测评过程中.采用CAE模型对等级测评的过程进行建模,将测评过程的多个层面简化为声明论据证据三种层次,并从测评指标的选择和测评结果的融合两个方面具体说明了CAE模型的作用.结果表明等级测评的过程完全可以归纳入CAE模型中,等级测评的过程与CAE模型的分解和推理过程是一致的,进一步验证了信息安全等级保护标准支持下的等级测评的有效性和合理性.     

基于IPSEC的VPN的安全功能要求的设计与分析

《计算机信息系统安全保护等级划分准则》是我国计算机安全产品和系统必须遵循的标准,而CC是一个新的国际性通用标准,设计一个满足CC标准的网络安全产品或系统,目前国内还没有借鉴之处。文章对国际国内的安全标准现状进行了分析比较,研究了将我国的计算机信息系统安全保护等级的要求用CC标准来描述的问题,并对基于IPSEC的VPN的安全功能要求的实现进行了研究。     

三网融合中的安全风险及防范技术研究

文章分析了三网融合中可能出现的网络和内容安全的隐患,提出了通过认证机制、防护机制、监控机制及信任机制等技术来应对。同时,文章还深入分析了三网融合下信息安全监管问题,提出继续加强融合法律法规建设,适时成立统一融合监管机构,建立融合统一监管标准体系,以及全面纳入信息安全保障体系等一系列三网融合信息安全监管的建议。     

信息安全等级保护评测工作研究

介绍了信息安全等级保护的背景、等级保护评测的概念、信息安全等级划分,并介绍了相应的等级保护评测级别,说明了等级保护评测的基本过程,研究了等级保护评测工具的基本功能和应用前景.     

基于等级保护体系架构的中储粮安全运维管控平台

文章通过对中储粮信息系统安全等级保护建设的介绍,首先阐述了如何依据等级保护标准构建基于等级保护的信息系统安全体系架构和安全管理制度。然后论述了安全技术与安全管理的融合,静态防护与动态监控的融合,通过信息系统安全运维管控平台承载这种“融合”,从而实现基于等级保护安全架构的信息系统安全保障体系。     

企业是等级保护的建设者、宣传者

企业是国家等级保护标准制定的参与者，是不同保护等级安全产品的研制者，是等级保护制度的宣传者，是等级划分与等级保护体系的建设者。     

基于等级保护的财政信息系统安全建设研究

以我国信息安全等级体系规范和标准为基础,分析财政信息系统的安全保护等级模型,讨论和设计财政信息系统网络安全域的划分和等级保护方案,提出方便有效地进一步完善财政信息系统安全的保障措施.     

Stability criteria for control systems with one non-linear element†

Liapunov functions are used to develop frequency domain criteria for a class of systems in which the given non–linear characteristic is bounded in both sector and slope. The criteria include the special case when order of numerator and denominator is equal in the linear transfer functions of the class of systems.     

Analysis and synthesis of modally balanced systems

We study a special kind of linear dynamical systems, namely modally balanced systems, in which the transition function’s poles are proportional to Hankel singular values. We analyze existence conditions and properties of such systems and develop algorithms for their synthesis. Our results include algebraic modal balance criteria.     

A methodology for evaluating test coverage criteria of high levelPetri nets

High level Petri nets have been extensively used for modeling concurrent systems; however, their strong expressive power reduces their ability to be easily analyzed. Currently there are few effective formal analysis techniques to support the validation of high level Petri nets. The executable nature of high level Petri nets means that during validation they can be analyzed using test criteria defined on the net model. Recently, theoretical test adequacy coverage criteria for concurrent systems using high level Petri nets have been proposed. However, determining the applicability of these test adequacy criteria has not yet been undertaken. In this paper, we present an approach for evaluating the proposed test adequacy criteria for high level Petri nets through experimentation. In our experiments we use the simulation functionality of the model checker SPIN to analyze various test coverage criteria on high level Petri nets.     

Frequency-domain stability conditions for hybrid systems

Consideration was given to a special class of the hybrid systems with switchings of time-invariant linear right-hand sides. A narrower subclass of such systems, that of connected switched linear systems, was specified among them. The necessary and sufficient frequencydomain conditions (criteria) for the existence of a common quadratic Lyapunov function providing stability of the switched systems were proposed for them. The specified subclass includes control systems with several nonstationary nonlinearities from the finite sectors that are the matter at issue of the theory of absolute stability. For the connected switched linear systems of a special kind (triangular type systems), the separate necessary and separate sufficient existence conditions were obtained for such Lyapunov functions. The interrelations between these conditions were discussed in the example.     

MIMO-OFDM PAPR reduction by selected mapping using side information power allocation

In this paper, we present a Selected Mapping (SLM) PAPR reduction technique for MIMO-OFDM system with special protection of Side Information (SI). Selected Mapping (SLM) is a powerful PAPR reduction technique since it does not cause any signal distortion and simple to implement. As a special protection for the Side Information (SI) of SLM technique, we propose a SI power allocation procedure. Simulation results show that our proposed technique gives significantly better BER performance than the ordinary SLM technique for MIMO-OFDM systems. Analysis for the optimum SI power allocation is also presented.     

卫星导航系统安全防护研究

卫星导航系统安全防护对导航以及武器装备具有极其重要的意义。首先介绍了卫星导航系统安全防护的定义、描述和研究内容;然后根据系统工程思想,给出了研究卫星导航系统安全防护问题的一般思路;接着给出了一个综合考虑干扰策略、攻击水平、防护水平、作战场景等安全防护因素的数学模型;最后通过算例分析了接收机的安全防护。实验结论显示,相对于敌方攻击水平的防护水平是影响我方作战效用的关键因素,不同作战任务场景对安全防护的要求是不同的,攻击策略对作战效能的影响取决于相应防护水平的强弱。     

Approach to APCS protection from cyber threats

Protection technologies of initially vulnerable industrial control systems are based on network segregation, the logical separation of the control network from the corporate network, and the use of firewalls. Manufacturers of industrial equipment attempt to embed security functions (of authentication and PLC password protection), but without using additional protection means, the components of these automatic process control systems remain unprotected because of the architecture designed without taking into account information security requirements. In this paper, a comparative analysis of the existing approaches to the APCS protection has been carried out, security criteria for each approach have been formalized, and a new subject-centered approach has been proposed that develops the cyber security paradigm.     

On confluence of one-rule trace-rewriting systems

The paper presents combinatorial criteria for confluence of one-rule trace-rewriting systems. The criteria are based on self-overlaps of traces, which are closely related to the notion of conjugacy of traces, and can be tested in linear time. As a special case, we reobtain the corresponding results for strings.The work of the second author was supported in part by the EBRA working goup No. 3166 ASMICS.     

Comprehensive analysis of FBD test coverage criteria using mutants

Function block diagram (FBD), a graphical modeling language for programmable logic controllers, has been widely used to implement safety critical system software such as nuclear reactor protection systems. With the growing importance of structural testing for FBD models, structural test coverage criteria for FBD models have been proposed and evaluated using mutation analysis in our previous work. We extend the previous work by comprehensively analyzing the relationships among fault detection effectiveness, test suite size, and coverage level through several research questions. We generate a large number of test suites achieving an FBD test coverage ranging from 0 to 100 %, and we also generate many artificial faults (i.e. mutants) for the FBD models. Our analysis results show that the fault detection effectiveness of the FBD coverage criteria increases with increasing coverage levels, and the coverage criteria are highly effective at detecting faults in all subject models. Furthermore, the test suites generated with the FBD coverage criteria are more effective and efficient than the randomly generated test suites. The FBD coverage criteria are strong at detecting faults in Boolean edges, while relatively weak at detecting wrong constants in FBD models. Empirical knowledge regarding our experiments provide the validity of using the FBD coverage criteria, and therefore, of FBD model-based testing.