A Syntactic Criterion for Injectivity of Authentication Protocols

Injectivity is essential when studying the correctness of authentication protocols, because noninjective protocols may suffer from replay attacks. The standard ways of verifying injectivity either make use of a counting argument, which only seems to be applicable in a verification methodology based on model-checking, or draw conclusions on the basis of the details of the data-model used. We propose and study a property, the loop property, that can be syntactically verified and is sufficient to guarantee injectivity. Our result is generic in the sense that it holds for a wide range of security protocol models, and does not depend on the details of message contents or nonce freshness.     

Human-to-Human authorization for resource sharing in SHAD: Roles and protocols

One aim of pervasive computing is to allow users to share their resources so that they seem to be part of a single pervasive computer. This is just an illusion, the result of the synergy between different systems and resources. SHAD, introduced in PerCom 2007, is the first architecture that offers actual Single Sign-On to avoid authentication obtrusiveness and maintain the illusion of a single, pervasive computer. This paper describes how SHAD allows users to securely share their resources in a easy, natural, and intuitive way. It also describes its role-based Human-to-Human architecture, the threat model, and the protocols involved. Last but not the least, it presents results of further evaluation for our working implementation.     

SIP和PSTN语音网关的设计与实现

文章基于SIP协议，提出了一个PSTN小型语音网关的设计与实现方案．使IP网络上的SIPUA可以与PSTN的电话进行语音互通。同时，对网关的安全性进行了探讨与实现。     

基于DRM的多媒体课件点播

数字版权保护是网络远程教育中多媒体课件点播必须解决的问题。通过对数字版权管理技术进行研究。设计实现的课件点播数字权限管理系统功能包括：多媒体课件加密、打包、用户权限设定、许可证产生和分发。     

几种涉密网主机系统保护及审计技术的比较

论文比较详细地阐述了涉密网主机系统所面临的安全隐患,提出了涉密网主机安全防护所要解决的几个技术问题,并就可能实现的技术方法进行了探讨和比较。     

Coding behavior of authentication code on the internet

With the rapid growth of Internet services, virtual world has witnessed an increasingly large number of online users who have a variety of needs such as accessing various websites to gather information, easing business transactions, and sharing updates. As a result, information security has become a major concern among online users, and the verification of access codes is now the main practice used to keep information systems safe. However, some issues arise as the result of coding and managing behavior, and this research seeks to address these issues. After following the Focus Group method and interviewing 13 college students, this research finds that forgetting the access code is one of the biggest challenges to most online users simply because of the longer duration and the time when the users have a need to access the websites again, their memory will eclipse. In addition, online users usually develop self-constructed rules to cope with elusive code. These rules include: creating some sets of code that may not be meaningful to outsiders; taking different degrees of complex measures to register authentication codes, dependent upon the importance of the websites to the online users; writing the authentication codes on a scratchpad and sticking it on the computer screen; and keeping the codes in a notebook or computer file. The above practices nevertheless run the risk of being usurped by hackers, and it is found that hacking frequently takes place among closest friends, as they are quite familiar with the coding behavior of the victims. While assisting coding management does not help in this regard, as it is generally too expensive, online users troubled by the forgetting of access codes often end up with re-applying for a new set of authentication codes after unsuccessfully trying to login. All these self-constructed rules, nevertheless, constitute threat to information security. The research, in conclusion, calls for an education campaign to promote healthy coding behavior and effective coding management. The obtained findings provide valuable references for both academicians and practitioners to understand the online users’ coding behaviors and to effectively manage them accordingly to improve the resulting information security.     

WIFI无线登录安全性研究

一直以来,无线网络的安全问题都备受关注,其中认证是保证信息安全的一个重要环节。目前无线认证有多种方式,比如Radius认证,Web认证,端口认证等,本文通过调研分析Radius认证与Web认证两种无线认证方式,来比较在家庭路由认证状态下,两者的性能差异,从而更好的解决目前普遍存在的弱密码问题。     

移动自组织网络安全接入技术研究综述

针对移动Ad hoc网络的特点对其中存在的主要安全威胁进行了分析,给出了MANET中安全接入的概念以及主要的性能要求。在此基础上,对MANET的主要安全接入技术进行了回顾,对各方案的优缺点进行了分析。最后对几类典型的安全接入方案进行了比较,并对未来值得进一步研究的问题进行了展望。     

基于.net的安全性验证

采用自定义主体Principal和身份Identity实现基于窗体的安全验证,构建了一个灵活方便的安全权限管理系统,综合使用了数据库技术、面向对象设计技术、操作系统权限管理、NET框架中基于代码访问安全性和基于角色访问安全性等多方面技术。该方案可以用于多数WEB系统中,作为通用的安全权限管理模块。     

无线传感器网络的认证协议分析

通过对现有无线传感器网络的认证协议进行比较和分析,总结了各协议的优点及存在问题,根据目前对传感器节点软硬件性能研究的进展,探讨了无线传感器网络安全认证协议研究的进一步发展方向.