PAACP: A portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks

Recently, several studies addressed security and privacy issues in vehicular ad hoc networks (VANETs). Most of them focused on safety applications. As VANETs will be available widely, it is anticipated that Internet services could be accessed through VANETs in the near future. Thus, non-safety applications for VANETs would rise in popularity. This paper proposes a novel portable privacy-preserving authentication and access control protocol, named PAACP, for non-safety applications in VANETs. In addition to the essential support of authentication, key establishment, and privacy preservation, PAACP is developed to provide sophisticated differentiated service access control, which will facilitate the deployment of a variety of non-safety applications. Besides, the portability feature of PAACP can eliminate the backend communications with service providers. Therefore, better performance and scalability can be achieved in PAACP.     

利用复制SIM卡及网络漏洞进行欺诈的行为探析与对策研究

近年来,随着人们对移动通信业务的各种需求与日俱增,移动通信市场规模的不断扩大.在巨大的经济利益的驱使下,出现了大量利用移动通信网络的缺陷进行话费欺诈的现象,使电信运营商蒙受了巨大的经济损失.本文将对SIM卡复制的原理及利用复制SIM卡发送垃圾短信等话费欺诈行为进行深入的分析,提出针对此类问题的防范措施,以期提高移动通信...     

Coping with information technology challenges to identity: A theoretical framework

Drawing on ideas from identity control theory and coping theory and on a diverse range of social psychology literature, we propose an integrative theoretical framework that unpacks and traces the processes by which information technology comes to affect users’ identity. We define four types of strategies (acting on the situation, adjusting the self, cathartic practices and distancing) through which people cope with technological challenges to the self. We suggest that these strategies may lead to four individual-level outcomes, namely reinforced identity, redefined identity, ambivalent identity and anti-identity. The model is provided with a preliminary support through reference to real life situations, carefully selected from extant empirical IS enquiries.     

浅谈韩国KS认证审核

主要介绍在接受韩国KS认证审核中应该注意的事项和细节.     

卫星通信系统安全技术综述

由于空间环境的特殊性,地面网络中的安全机制不能直接用于卫星通信.介绍了卫星通信系统安全技术的最新进展.首先从空间信道环境、卫星节点能力、星座网络结构等方面指出了卫星通信系统的安全弱点.然后总结了物理层、数据链路层、网络层和传输层所面临的安全威胁和防护对策.着重介绍了抗损毁技术、抗干扰技术、认证机制和密钥管理协议,并对有代表性的安全策略进行了分析、对比和讨论.最后对卫星通信系统安全技术发展方向做出预测.     

A self-verification authentication mechanism for mobile satellite communication systems

In order to provide an opportunity to make personal communication as broad as possible, mobile satellite communication systems have recently drawn much attention. However, any communication system raises two major challenging issues: (1) how to determine whether actors are whom they claim to be; and (2) how to protect data against unauthorized disclosure. Although the secret-key cryptosystem (SKC) and the public-key cryptosystem (PKC) have been developed to provide well-defined security services to address these issues each has serous drawbacks while SKC-based authentication schemes have the common demerit that the server which maintains the secret-key table becomes an attractive target for numerous intrusions, PKC-based schemes suffer from the expensive complexity of the public-key infrastructure (PKI) and a high computation overhead. Therefore, in this paper, a self-verification authentication mechanism with lower computation and key management cost is introduced.     

An efficient and DoS-resistant user authentication scheme for two-tiered wireless sensor networks

Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints.Considering that most large-scale WSNs follow a two-tiered architecture,we propose an...     

基于智能手机的机动车电子身份认证比对装置

针对传统机动车身份识别系统设备体积较大、不方便携带和移动的问题,文中开发了基于智能手机的机动车电子身份比对装置,其由微型便携超高频RFID读卡器、智能手机、手机APP及后台数据服务器共同组成。该装置充分利用了智能手机的拍摄、数据处理和通讯功能,配合微型RFID读卡器使用,具有方便携带、可同时完成机动车电子和传统号牌双重识别、可实时联网完成数据比对、价格低廉、工作稳定等特点。同时方便稽查人员随身携带使用,可完成对机动车辆身份的流动稽查、违章违法查处、盗抢套牌车辆查处等工作。     

一种基于聚合签名的服务会话认证协议

为满足Web服务的会话认证需求,提高多方服务交互环境下的认证效率,基于IBC体制中无可信PKG签名思想提出一种基于身份的聚合签名算法,并使用该算法设计一种新的服务会话认证协议。该协议在保证多方服务实例安全共享会话的同时,能够解决密钥托管和防PKG伪造用户签名等问题,认证方只需对多个会话实例认证信息的聚合签名进行一次验证就能确信各签名是否来自指定的会话参与方,从而减少会话认证量。相比类似方案,该协议具有更高的计算效率。     

二代证与校园卡融合的通用模型设计

针对第二代居民身份证具有的身份安全认证和信息唯一性的技术特点,以及校园卡具有的园区身份认证、电子钱包消费等服务功能,提出以二代证作为实体证书、校园卡作为应用属性的通用认证模式.采用目录式文件管理多功能区域技术,设计公共扇区,构建基础数据平台同步系统,将二代证与校园卡进行有效融合,实现了证卡的跨行业应用.