浅谈韩国KS认证审核

主要介绍在接受韩国KS认证审核中应该注意的事项和细节.     

A self-verification authentication mechanism for mobile satellite communication systems

In order to provide an opportunity to make personal communication as broad as possible, mobile satellite communication systems have recently drawn much attention. However, any communication system raises two major challenging issues: (1) how to determine whether actors are whom they claim to be; and (2) how to protect data against unauthorized disclosure. Although the secret-key cryptosystem (SKC) and the public-key cryptosystem (PKC) have been developed to provide well-defined security services to address these issues each has serous drawbacks while SKC-based authentication schemes have the common demerit that the server which maintains the secret-key table becomes an attractive target for numerous intrusions, PKC-based schemes suffer from the expensive complexity of the public-key infrastructure (PKI) and a high computation overhead. Therefore, in this paper, a self-verification authentication mechanism with lower computation and key management cost is introduced.     

利用复制SIM卡及网络漏洞进行欺诈的行为探析与对策研究

近年来,随着人们对移动通信业务的各种需求与日俱增,移动通信市场规模的不断扩大.在巨大的经济利益的驱使下,出现了大量利用移动通信网络的缺陷进行话费欺诈的现象,使电信运营商蒙受了巨大的经济损失.本文将对SIM卡复制的原理及利用复制SIM卡发送垃圾短信等话费欺诈行为进行深入的分析,提出针对此类问题的防范措施,以期提高移动通信...     

Vulnerabilities in Chen and Deng's RFID mutual authentication and privacy protection protocol

As incorporation of RFID (Radio Frequency IDentification) tags in a wide variety of applications increase, there is a need to ensure the security and privacy of the entity to which these tags are attached. Not surprisingly, this is a very active area as attested by the large number of related published research literature. Recently, the journal engineering applications of artificial intelligence published a paper by Chen and Deng (2009) where the authors propose a mutual authentication protocol for RFID. This protocol has fundamental flaws that can be readily taken advantage by a resourceful adversary. We identify and discuss these vulnerabilities and point out the characteristics of this protocol that exposes it to these vulnerabilities.     

A novel electronic cash system with trustee-based anonymity revocation from pairing

Untraceable electronic cash is an attractive payment tool for electronic-commerce because its anonymity property can ensure the privacy of payers. However, this anonymity property is easily abused by criminals. In this paper, several recent untraceable e-cash systems are examined. Most of these provide identity revealing only when the e-cash is double spent. Only two of these systems can disclose the identity whenever there is a need, and only these two systems can prevent crime. We propose a novel e-cash system based on identity-based bilinear pairing to create an anonymity revocation function. We construct an identity-based blind signature scheme, in which a bank can blindly sign on a message containing a trustee-approved token that includes the user’s identity. On demand, the trustee can disclose the identity for e-cash using only one symmetric operation. Our scheme is the first attempt to incorporate mutual authentication and key agreement into e-cash protocols. This allows the proposed system to attain improvement in communication efficiency when compared to previous works.     

无线局域网中一种基于共享秘密的认证和密钥协商协议

针对无线局域网中的便携式通信终端的计算资源、通信能力有限,难以执行大运算量的密码算法问题,提出了一种基于共享秘密的认证方式.该认证方式采用完整性校验码等安全技术为通信双方提供双向认证,由根秘密生成用于不同目的的多种密钥,并构成密钥体系.该认证方式能抵御重放攻击和中间人攻击,而且具有通信量小、计算量小、能提供密钥协商功能等优点,适合在资源受限的设备中用于保护移动通信中的信息安全.     

Evaluation of hippuric acid content in goat milk as a marker of feeding regimen

Organic producers, traders, and consumers must address 2 issues related to milk: authentication of the production system and nutritional differentiation. The presence of hippuric acid (HA) in goat milk samples has been proposed as a possible marker to differentiate the feeding regimen of goats. The objective of this work is to check the hypothesis that HA could be a marker for the type of feeding regimen of goats by studying the influence of production system (conventional or organic) and feeding regimen (with or without grazing fodder). With this purpose, commercial cow and goat milk samples (n = 27) and raw goat milk samples (n = 185; collected from different breeds, localizations, and dates) were analyzed. Samples were grouped according to breed, feeding regimen, production system, and origin to compare HA content by ANOVA and honestly significant difference Tukey test at a confidence level of ≥95%. Hippuric acid content was obtained by analyzing milk samples with capillary electrophoresis. This method was validated by analyzing part of the samples with HPLC as a reference technique. Sixty-nine raw goat milk samples (of the total 158 samples analyzed in this work) were quantified by capillary electrophoresis. In these samples, the lowest average content for HA was 7 ± 3 mg/L. This value corresponds to a group of conventional raw milk samples from goats fed with compound feed. The highest value of this group was 28 ± 10 mg/L, corresponding to goats fed compound feed plus grass. Conversely, for organic raw goat milk samples, the highest concentration was 67 ± 14 mg/L, which corresponds to goats fed grass. By contrast, the lowest value of this organic group was 26 ± 10 mg/L, which belongs to goats fed organic compounds. Notice that the highest HA average content was found in samples from grazing animals corresponding to the organic group. This result suggests that HA is a good marker to determine the type of goats feeding regimen; a high content of HA represents a diet based mainly or exclusively on eating green grass (grazing), independently of the production system. Hence, this marker would not be useful for the actual organic policies to distinguish organic milk under the current regulations, because organic dairy ruminants can be fed organic compound feed and conserved fodder without grazing at all.     

脱散的轨迹 对当代中国建筑师思考与实践发展脉络的另一种描述

文章尝试从部分20世纪50至70年代生当代中国建筑师实践策略和思考关注点的转变中寻觅线索轨迹。分析他们受到现代性话语体系的影响,同时检视他们在中国城市发展现状这一特定语境下的身份定义,进而尝试对当代中国建筑师思考与实践发展脉络进行描述。这一描述不从作品的结果出发作总结性的判断,而通过抽取不同建筑师的策略关注点和关键话语,进一步对贯穿不同时间段、没有因果关系的多重线索进行重新梳理和联结,对还原一个未曾明确的当代中国建筑话语体系给出研究建议。这一新的话语体系或许可以提供一种不同于西方现代性的"脱散的轨迹",从而见证多条线索在当代中国的某种不期而至的交汇或离散。     

PAACP: A portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks

Recently, several studies addressed security and privacy issues in vehicular ad hoc networks (VANETs). Most of them focused on safety applications. As VANETs will be available widely, it is anticipated that Internet services could be accessed through VANETs in the near future. Thus, non-safety applications for VANETs would rise in popularity. This paper proposes a novel portable privacy-preserving authentication and access control protocol, named PAACP, for non-safety applications in VANETs. In addition to the essential support of authentication, key establishment, and privacy preservation, PAACP is developed to provide sophisticated differentiated service access control, which will facilitate the deployment of a variety of non-safety applications. Besides, the portability feature of PAACP can eliminate the backend communications with service providers. Therefore, better performance and scalability can be achieved in PAACP.     

卫星通信系统安全技术综述

由于空间环境的特殊性,地面网络中的安全机制不能直接用于卫星通信.介绍了卫星通信系统安全技术的最新进展.首先从空间信道环境、卫星节点能力、星座网络结构等方面指出了卫星通信系统的安全弱点.然后总结了物理层、数据链路层、网络层和传输层所面临的安全威胁和防护对策.着重介绍了抗损毁技术、抗干扰技术、认证机制和密钥管理协议,并对有代表性的安全策略进行了分析、对比和讨论.最后对卫星通信系统安全技术发展方向做出预测.