Tsinghua Science and Technology

SPECIAL SECTION ON INFORMATION SECURITY

  • An Improved ID-Based Group Key Agreement Protocol

    Kangwen Hu;Jingfeng Xue;Changzhen Hu;Rui Ma;Zhiqiang Li;

    ID-based constant-round group key agreement protocols are efficient in both computation and communication,but previous protocols did not provide valid message authentication.An improvement based on attack analysis is proposed in this paper.The improved method takes full advantage of the data transmitted at various stages of the protocol.By guaranteeing the freshness of authentication messages,the authenticity of the generator of authentication messages,and the completeness of the authenticator,the improved protocol can resist various passive and active attacks.The forward secrecy of the improved protocol is proved under a Katz-Yung(KY)model.Compared with existing methods,the improved protocol is more effective and applicable.

    2014年05期 v.19 421-428页 [查看摘要][在线阅读][下载 236K]
    [下载次数:28 ] |[网刊下载次数:0 ] |[引用频次:4 ] |[阅读次数:0 ]
  • Worst-Input Mutation Approach to Web Services Vulnerability Testing Based on SOAP Messages

    Jinfu Chen;Huanhuan Wang;Dave Towey;Chengying Mao;Rubing Huang;Yongzhao Zhan;

    The growing popularity and application of Web services have led to increased attention regarding the vulnerability of software based on these services.Vulnerability testing examines the trustworthiness and reduces the security risks of software systems.This paper proposes a worst-input mutation approach for testing Web service vulnerability based on Simple Object Access Protocol(SOAP)messages.Based on characteristics of SOAP messages,the proposed approach uses the farthest neighbor concept to guide generation of the test suite.The corresponding automatic test case generation algorithm,namely,the Test Case generation based on the Farthest Neighbor(TCFN),is also presented.The method involves partitioning the input domain into sub-domains according to the number and type of SOAP message parameters in the TCFN,selecting the candidate test case whose distance is the farthest from all executed test cases,and applying it to test the Web service.We also implement and describe a prototype Web service vulnerability testing tool.The tool was applied to the testing of Web services on the Internet.The experimental results show that the proposed approach can find more vulnerability faults than other related approaches.

    2014年05期 v.19 429-441页 [查看摘要][在线阅读][下载 662K]
    [下载次数:40 ] |[网刊下载次数:0 ] |[引用频次:14 ] |[阅读次数:0 ]
  • A Class of the Hamming Weight Hierarchy of Linear Codes with Dimension 5

    Guoxiang Hu;Huanguo Zhang;Lijun Wang;Zhe Dong;

    The weight hierarchy of a [n; kI q] linear code C over Fq is the sequence(d1,… dr,… dk), where dr is the smallest support weight of an r-dimensional subcode of C. In this paper, by using the finite projective geometry method, we research a class of weight hierarchy of linear codes with dimension 5. We first find some new preconditions of this class. Then we divide its weight hierarchies into six subclasses, and research one subclass to determine nearly all the weight hierarchies of this subclass of weight hierarchies of linear codes with dimension 5.

    2014年05期 v.19 442-451页 [查看摘要][在线阅读][下载 318K]
    [下载次数:31 ] |[网刊下载次数:0 ] |[引用频次:3 ] |[阅读次数:0 ]
  • Privacy Quantification Model Based on the Bayes Conditional Risk in Location-Based Services

    Xuejun Zhang;Xiaolin Gui;Feng Tian;Si Yu;Jian An;

    The widespread use of Location-Based Services(LBSs),which allows untrusted service providers to collect large quantities of information regarding users’locations,has raised serious privacy concerns.In response to these issues,a variety of LBS Privacy Protection Mechanisms(LPPMs)have been recently proposed.However,evaluating these LPPMs remains problematic because of the absence of a generic adversarial model for most existing privacy metrics.In particular,the relationships between these metrics have not been examined in depth under a common adversarial model,leading to a possible selection of the inappropriate metric,which runs the risk of wrongly evaluating LPPMs.In this paper,we address these issues by proposing a privacy quantification model,which is based on Bayes conditional privacy,to specify a general adversarial model.This model employs a general definition of conditional privacy regarding the adversary’s estimation error to compare the different LBS privacy metrics.Moreover,we present a theoretical analysis for specifying how to connect our metric with other popular LBS privacy metrics.We show that our privacy quantification model permits interpretation and comparison of various popular LBS privacy metrics under a common perspective.Our results contribute to a better understanding of how privacy properties can be measured,as well as to the better selection of the most appropriate metric for any given LBS application.

    2014年05期 v.19 452-462页 [查看摘要][在线阅读][下载 396K]
    [下载次数:65 ] |[网刊下载次数:0 ] |[引用频次:18 ] |[阅读次数:0 ]
  • Attribute-Based Encryption for Circuits on Lattices

    Jian Zhao;Haiying Gao;Junqi Zhang;

    In the previous construction of attributed-based encryption for circuits on lattices,the secret key size was exponential to the number of AND gates of the circuit.Therefore,it was suitable for the shallow circuits whose depth is bounded.For decreasing the key size of previous scheme,combining the techniques of Two-to-One Recoding(TOR),and sampling on lattices,we propose a new Key-Policy Attribute-Based Encryption(KP-ABE)scheme for circuits of any arbitrary polynomial on lattices,and prove that the scheme is secure against chosen plaintext attack in the selective model under the Learning With Errors(LWE)assumptions.In our scheme,the key size is proportional to the number of gates or wires in the circuits.

    2014年05期 v.19 463-469页 [查看摘要][在线阅读][下载 261K]
    [下载次数:42 ] |[网刊下载次数:0 ] |[引用频次:14 ] |[阅读次数:0 ]
  • Dynamic Measurement Protocol in Infrastructure as a Service

    Shuang Xiang;Bo Zhao;An Yang;Tao Wei;

    Infrastructure as a Service(IaaS)has brought advantages to users because virtualization technology hides the details of the physical resources,but this leads to the problem of users being unable to perceive their security.This defect has obstructed cloud computing from wide-spread popularity and development.To solve this problem,a dynamic measurement protocol in IaaS is presented in this paper.The protocol makes it possible for the user to get the real-time security status of the resources,thereby solving the problem of guaranteeing dynamic credibility.This changes the cloud service security provider from the operator to the users themselves.This study has verified the security of the protocol by means of Burrow-Abadi-Needham(BAN)logic,and the result shows that it can satisfy requirements for innovation,privacy,and integrity.Finally,based on different IaaS platforms,this study has conducted a performance analysis to demonstrate that this protocol is reliable,secure,and efficient.

    2014年05期 v.19 470-477页 [查看摘要][在线阅读][下载 487K]
    [下载次数:45 ] |[网刊下载次数:0 ] |[引用频次:3 ] |[阅读次数:0 ]
  • Targeted Fully Homomorphic Encryption Based on a Double Decryption Algorithm for Polynomials

    Yatao Yang;Shuang Zhang;Junming Yang;Jia Li;Zichen Li;

    Several public-key encryption schemes used to solve the problem of ciphertext data processing on the fly are discussed.A new targeted fully homomorphic encryption scheme based on the discrete logarithm problem is presented.Public-key encryption cryptosystems are classified to examine homomorphic encryption.Without employing techniques proposed by Gentry such as somewhat homomorphic and bootstrapping techniques,or relinearization technique proposed by Brakerski et al.,a new method called"Double Decryption Algorithm"is employed in our cryptography to satisfy a fully or targeted fully homomorphic property.Inspired by ElGamal and BGN cryptography,we obtain the desired fully homomorphic property by selecting a new group and adding an extra component to the ciphertext.Proof of semantic security is also demonstrated.

    2014年05期 v.19 478-485页 [查看摘要][在线阅读][下载 254K]
    [下载次数:65 ] |[网刊下载次数:0 ] |[引用频次:13 ] |[阅读次数:0 ]
  • An Efficient and Practical Public Key Cryptosystem with CCA-Security on Standard Model

    Zhen Liu;Xiaoyuan Yang;Weidong Zhong;Yiliang Han;

    Chosen Ciphertext Attack(CCA)security on the standard model is widely accepted as the standard security notion for the public key cryptosystem.The existing CCA-secure public key cryptosystems on the standard model are expensive in terms of efficiency and practicality.In this paper,an efficient and practical public key cryptosystem is presented over the group of signed quadratic residues.It is provably secure against CCA on the standard model.Furthermore,public verifiability for this scheme is also realized in the way that projects the verification privacy key into public key on trapdoor pretending.It will be useful to devise efficient CCA-secure threshold and proxy re-encryption schemes on the standard model.

    2014年05期 v.19 486-495页 [查看摘要][在线阅读][下载 295K]
    [下载次数:19 ] |[网刊下载次数:0 ] |[引用频次:0 ] |[阅读次数:0 ]
  • Research and Practice of Dynamic Network Security Architecture for IaaS Platforms

    Lin Chen;Xingshu Chen;Junfang Jiang;Xueyuan Yin;Guolin Shao;

    Network security requirements based on virtual network technologies in IaaS platforms and corresponding solutions were reviewed.A dynamic network security architecture was proposed,which was built on the technologies of software defined networking,Virtual Machine(VM)traffic redirection,network policy unified management,software defined isolation networks,vulnerability scanning,and software updates.The proposed architecture was able to obtain the capacity for detection and access control for VM traffic by redirecting it to configurable security appliances,and ensured the effectiveness of network policies in the total life cycle of the VM by configuring the policies to the right place at the appropriate time,according to the impacts of VM state transitions.The virtual isolation domains for tenants’VMs could be built flexibly based on VLAN policies or Netfilter/Iptables firewall appliances,and vulnerability scanning as a service and software update as a service were both provided as security supports.Through cooperation with IDS appliances and automatic alarm mechanisms,the proposed architecture could dynamically mitigate a wide range of network-based attacks.The experimental results demonstrate the effectiveness of the proposed architecture.

    2014年05期 v.19 496-507页 [查看摘要][在线阅读][下载 1158K]
    [下载次数:116 ] |[网刊下载次数:0 ] |[引用频次:20 ] |[阅读次数:0 ]
  • Malicious Code Detection Model Based on Behavior Association

    Lansheng Han;Mengxiao Qian;Xingbo Xu;Cai Fu;Hamza Kwisaba;

    Malicious applications can be introduced to attack users and services so as to gain financial rewards,individuals’sensitive information,company and government intellectual property,and to gain remote control of systems.However,traditional methods of malicious code detection,such as signature detection,behavior detection,virtual machine detection,and heuristic detection,have various weaknesses which make them unreliable.This paper presents the existing technologies of malicious code detection and a malicious code detection model is proposed based on behavior association.The behavior points of malicious code are first extracted through API monitoring technology and integrated into the behavior;then a relation between behaviors is established according to data dependence.Next,a behavior association model is built up and a discrimination method is put forth using pushdown automation.Finally,the exact malicious code is taken as a sample to carry out an experiment on the behavior’s capture,association,and discrimination,thus proving that the theoretical model is viable.

    2014年05期 v.19 508-515页 [查看摘要][在线阅读][下载 350K]
    [下载次数:46 ] |[网刊下载次数:0 ] |[引用频次:3 ] |[阅读次数:0 ]

REGULAR ARTICLES

  • Characteristics of a Two-Class Polling System Model

    Zhijun Yang;Hongwei Ding;

    Polling system models have a wide range of important applications including time-sharing computer systems,industrial control,communications,and computer networks.In this paper,we propose a two-class prioritybased polling system that uses gated and exhaustive services to achieve the priority-based scheme.This model is set up according to the method of the imbedded Markov chain theory and the generation function and explicitly analyzes key system performance characteristics including mean queue length,cyclic time,and throughput.Theoretical and simulation results are identical and demonstrate the efficiency of the model.

    2014年05期 v.19 516-520页 [查看摘要][在线阅读][下载 581K]
    [下载次数:34 ] |[网刊下载次数:0 ] |[引用频次:17 ] |[阅读次数:0 ]
  • SwiftArray: Accelerating Queries on Multidimensional Arrays

    Yifeng Geng;Xiaomeng Huang;Guangwen Yang;

    Scientific instruments and simulation programs are generating large amounts of multidimensional array data.Queries with value and dimension subsetting conditions are commonly used by scientists to find useful information from big array data,and data storage and indexing methods play an important role in supporting queries on multidimensional array data efficiently.In this paper,we propose SwiftArray,a new storage layout with indexing techniques to accelerate queries with value and dimension subsetting conditions.In SwiftArray,the multidimensional array is divided into blocks and each block stores sorted values.Blocks are placed in the order of a Hilbert space-filling curve to improve data locality for dimension subsetting queries.We propose a 2-D-Bin method to build an index for the blocks’value ranges,which is an efficient way to avoid accessing unnecessary blocks for value subsetting queries.Our evaluations show that SwiftArray surpasses the NetCDF-4 format and FastBit indexing technique for queries on multidimensional arrays.

    2014年05期 v.19 521-530页 [查看摘要][在线阅读][下载 1005K]
    [下载次数:31 ] |[网刊下载次数:0 ] |[引用频次:0 ] |[阅读次数:0 ]
  • Microblogging Reposting Mechanism: An Information Adoption Perspective

    Wei Yan;Jinghua Huang;

    This study uses the Elaboration Likelihood Model(ELM)and social presence theory to examine the microblogging reposting mechanism.Subjective and objective data were collected from 216 respondents in a field experiment.The results indicate that information quality and source credibility of microblogging messages affect users’reposting intention by affecting their perceptions of the usefulness and enjoyment of the information.Perceived enjoyment has a greater impact on reposting intention than perceived usefulness.Furthermore,users are able to perceive social presence when interacting with microblogging messages.Social presence plays a full mediating role between information quality and perceived enjoyment,and a partial mediating role between information quality and perceived usefulness.

    2014年05期 v.19 531-542页 [查看摘要][在线阅读][下载 295K]
    [下载次数:49 ] |[网刊下载次数:0 ] |[引用频次:18 ] |[阅读次数:0 ]

  • Call for Papers Special Section on Microelectronics

    <正>The publication of Tsinghua Science and Technology was started in 1996.Since then,it has been an international academic journal sponsored by Tsinghua University and published bimonthly.This journal aims at presenting the state-of-art scientific achievements in computer science and other IT fields.This special section is devoted to gather and present high level research and review papers that address the challenges in the broad areas of Microelectronics.Microelectronics has become a highly active research area because of the potential of providing diverse services to broad range of applications,not only on science and engineering,but

    2014年05期 v.19 543页 [查看摘要][在线阅读][下载 51K]
    [下载次数:21 ] |[网刊下载次数:0 ] |[引用频次:0 ] |[阅读次数:0 ]
  • Call for Papers Special Section on Smart Grid

    <正>The publication of Tsinghua Science and Technology was started in 1996.Since then,it has been an international academic journal sponsored by Tsinghua University and published bimonthly.This journal aims at presenting the state-of-art scientific achievements in computer science and other IT fields.The Smart Grid System,or the intelligent electricity grid has attracted increasing attentions in recent years and become a global trend nowadays.As the revolution of the electric grid system,it facilitates a reliable and efficient delivery of electricity to consumers utilizing modern intelligent electricity generation,transmission and distribution by incorporating elements of traditional and advanced power engineering,sophisticated sensing and

    2014年05期 v.19 544页 [查看摘要][在线阅读][下载 52K]
    [下载次数:12 ] |[网刊下载次数:0 ] |[引用频次:0 ] |[阅读次数:0 ]
  • Information for Contributors

    <正>Tsinghua Science and Technology(Tsinghua Sci Technol),an academic journal sponsored by Tsinghua University,is published bimonthly.This journal aims at presenting the up-to-date scientific achievements with high creativity and great significance in computer and electronic engineering.Contributions all over the world are welcome.Tsinghua Sci Technol is indexed by IEEE Xplore,Engineering index(Ei,USA),INSPEC,SA,Cambridge Abstract and other abstracting indexes.Manuscripts are selected for publication according to the editorial assessment of their suitability and evaluation from independent reviewers.Papers are usually sent to two or more reviewers including one reviewer out of China.

    2014年05期 v.19 545页 [查看摘要][在线阅读][下载 27K]
    [下载次数:8 ] |[网刊下载次数:0 ] |[引用频次:0 ] |[阅读次数:0 ]
  • 下载本期数据