基于等级保护基本要求的云计算安全研究

随着云计算的进一步推进和发展,云计算面临的安全问题变得越来越突出,特别是在云计算安全中的用户数据机密性、完整性和可用性方面尤为突出,云计算安全已经成为云计算推进过程中的首要障碍和难题。从云计算应用安全和系统安全两个层面,提出了云计算安全中应用安全和系统安全的威胁所在以及相应的基本保护要求。     

面向产品族的设计方法研究

面向产品族的设计是实现大规模定制的核心，而对设计方法的研究则是面向产品族设计的关键．本文对模块化的产品族设计方法进行了研究。在PFA方法的基础上，提出了利用构造机制进行多样性生成的基本方法，并利用其进行产品族设计结构描述．最后进行了实例设计一客车座椅的模块化设计．设计过程表明，该设计方法简单易行，适合于产品中各个功能组件相对独立、模块化程度比较高的产品族设计。     

网络数据库安全性问题及解决方法

对ASP开发网络数据库存在的漏洞进行分析，并提出了解决的方法。     

IPSec的探讨及改进

本文首先简要介绍了网络的安全问题方面的IPSec协议，然后对其优点和不足进行了分析，并提出了一些改进的措施。     

DoD TRM服务与DII COE段的比较和分析

文章简要介绍了DoDTRM的服务视图、服务域和服务,以及DIICOE的体系结构和段,并在此基础上对TRM服务和DIICOE段进行了比较。     

当代非线性建筑风格解析

该文以2010年上海世博会展馆所展示的当代建筑风格为切入点,并结合艺术风格的相关理论,探讨了建筑风格演变的历史经验,在此基础上,探寻出当代非线性建筑风格形成的缘由,最后,该文剖析了非线性建筑的美学成因和所蕴涵的美学价值。     

Oracle数据库的帐户安全

数据库帐户安全是数据库安全中的重要一环,通过对OS确认、口令和口令编码的合理使用,能大大增强帐户的安全性,有效地防止对帐户的攻击。本文对OS确认、口令和口令编码的合理使用进行了较详细的分析和说明。     

Modelling and analysing cognitive causes of security breaches

In this paper we are concerned with security issues that arise in the interaction between user and system. We focus on cognitive processes that affect security of information flow from the user to the computer system and the resilience of the whole system to intruder attacks. For this, we extend our framework developed for the verification of usability properties by introducing two kinds of intruder models, an observer and an active intruder, with the associated security properties. Finally, we consider small examples to illustrate the ideas and approach. These examples demonstrate how our framework can be used (a) to detect confidentiality leaks, caused by a combination of an inappropriate design and certain aspects of human cognition, and (b) to identify designs more susceptible to cognitively based intruder attacks.     

A policy enforcement framework for verification and control of service collaboration

This paper proposes a policy enforcement framework to dynamically verify and control the collaboration process in Service-Oriented Architecture (SOA). Dynamic SOA collaboration is different from traditional service collaboration where the workflow is pre-defined at design time while the services used can be discovered at runtime. In dynamic collaboration, both the workflows and services can be determined at runtime. As they will be determined at runtime, many verification activities can be performed at runtime. This paper proposes a dynamic policy enforcement framework that follows the dynamic SOA collaboration process to ensure that various system constraints can be enforced at runtime. The framework includes a policy specification language, a policy completeness and consistency checking, and distributed policy enforcement. Finally, this paper presents the construction of a sample example to illustrate these features with quantitative performance data.