Hierarchy of users׳ web passwords: Perceptions,practices and susceptibilities

In this study, we propose a hierarchy of password importance, and we use an experiment to examine the degree of similarity between passwords for lower-level (e.g. news portal) and higher-level (e.g. banking) websites in this hierarchy. We asked subjects to construct passwords for websites at both levels. Leveraging the lower-level passwords along with a dictionary attack, we successfully cracked almost one-third of the subjects׳ higher-level passwords. In a survey, subjects reported frequently reusing higher-level passwords, with or without modifications, as well as using a similar process to construct both levels of passwords. We thus conclude that unsafely shared or leaked lower-level passwords can be used by attackers to crack higher-level passwords.     

复杂环境下危岩体爆破排险

介绍了复杂条件下危岩体的爆破排险实例.树立先加固再排险的思想,设置冗余系统,有效地避免了滚石的危害;采取合理控制单耗、小药量松动爆破、层层剥离碎石,避免了飞石,减弱了地震波;并阐述了炮孔布置、单孔装药量等参数的确定以及安全防护措施,为此类工程积累了经验.     

某锰矿采空区上方建筑物安全稳定性影响研究

某锰矿开采后形成采空区,为保证采空区上方地表村庄村民的生命财产和人身安全,研究采空区对村庄的安全稳定的影响非常重要.选取某锰矿山一典型剖面,运用"三带理论"和数值模拟分析方法,来分析该村庄在矿山采空区下的稳定性.得出可以继续开采的结论,为矿山安全生产和村民生命安全提供科学依据.     

Secure Software Configuration Management Processes for nuclear safety software development environment

The main difference between nuclear and generic software is that the risk factor is infinitely greater in nuclear software – if there is a malfunction in the safety system, it can result in significant economic loss, physical damage or threat to human life. However, secure software development environment have often been ignored in the nuclear industry. In response to the terrorist attacks on September 11, 2001, the US Nuclear Regulatory Commission (USNRC) revised the Regulatory Guide (RG 1.152-2006) “Criteria for use of computers in safety systems of nuclear power plants” to provide specific security guidance throughout the software development life cycle. Software Configuration Management (SCM) is an essential discipline in the software development environment. SCM involves identifying configuration items, controlling changes to those items, and maintaining integrity and traceability of them. For securing the nuclear safety software, this paper proposes a Secure SCM Processes (S²CMP) which infuses regulatory security requirements into proposed SCM processes. Furthermore, a Process Flow Diagram (PFD) is adopted to describe S²CMP, which is intended to enhance the communication between regulators and developers.     

Golden bump for 20 micron diameter wire bond enhancement at reduced process temperature

With the rapid development of advanced microelectronic packaging technologies, research on fine-pitch wire bonding with improved reliability is driven by demands for smaller form factors and higher performance. In this study, thermosonic wire bonding process with a 20 μm wire for fine-pitch interconnection is described. To strengthen stitch bonds made in a gold-silver bonding system when the bonding temperature is as low as 150 °C, ball bumps (security bump) are placed on top of the stitch bonds. The ball-stitch bond and bump forming parameters are optimized using a design of experiment (DOE) method. A comparison of pull test results for stitch bonds with and without security bumps shows a substantial increase of the stitch pull force (PF) due to the use of security bonds. By varying the relative position of the security bumps to the stitch bonds via wedge shift offset (WSO), a WSO window ranging from 15 to 27 μm results in stitch PF higher than 7 gf, which is equivalent to an increase in average stitch PF of 118%.     

电力信息系统等级保护实施浅谈

如何全面和整体地解决各行各业在信息化建设中的安全问题,是国内外信息安全界多年来一直关注的问题。电力信息系统是一个由人、信息系统、IT基础设施、信息、操作等组成的动态、交互的多域复杂大系统,它的安全是多因素和多维的。文章对电力信息系统等级保护工作的主要内容以及依照等级保护制度建立信息安全保障体系的思路进行了详细的介绍。     

瓦斯抽放启封巷道新技术探索与实践

在煤矿井下生产过程中,经常需要启封封闭墙,掘进巷道临时停风或长期停风后,造成巷道内积聚大量的高浓度瓦斯,需要进行排放,而排放方法不妥或因其它因素,很容易发生安全事故。任楼煤矿采用瓦斯抽放启封巷道新技术,实现了封闭巷道安全启封和瓦斯排放工作。     

前沿技术保障业务系统信息安全

随着集团公司办公管理转向信息化,如何防止企业机密信息外泄已经成了安全保卫工作的重中之重。有关数据显示,我国每年因网络泄密导致的经济损失达上百亿!各国相关行业法律法规对相关企事业单位的数据防泄密做了严格规定。分析了常见的安全漏洞,提出利用前沿网络技术解决数据泄密问题,指出方便快捷的网络通讯平台和越来越先进的数据获取技术,让数据保护工作更具有挑战性。     

石油化工项目施工安全管理工作浅析

从石油化工建设工程安全因素的特殊性、安全监理程序履行的完整性、安全工程师的素质和石油化工行业建设采取的安全管理措施几个方面,对如何做好项目安全管理工作进行论述.     

浅谈人脸识别技术及应用

人脸识别技术赋予计算机系统根据人的面部特征辨别人物身份的能力,该技术具有重要的研究和应用价值,在公共安全、信息安全、金融等方面具有广泛前景。文中阐述了人脸识别技术的概念、算法、研究范围、主要功能模块及其应用等内容。