With the continuous development of computer network technology, its applications in daily life and work have become increasingly widespread, greatly improving efficiency. However, certain security risks remain. To ens...With the continuous development of computer network technology, its applications in daily life and work have become increasingly widespread, greatly improving efficiency. However, certain security risks remain. To ensure the security of computer networks and databases, it is essential to enhance the security of both through optimization of technology. This includes improving management practices, optimizing data processing methods, and establishing comprehensive laws and regulations. This paper analyzes the current security risks in computer networks and databases and proposes corresponding solutions, offering reference points for relevant personnel.展开更多
This paper discusses how to use the security measurements, such as privileges, roles, views, stored procedures and triggers, to ensure the safety of a database system. This paper also gives an example of making use of...This paper discusses how to use the security measurements, such as privileges, roles, views, stored procedures and triggers, to ensure the safety of a database system. This paper also gives an example of making use of some special views of ORACLE DATA DICTIONARY to track the security records of a database system.展开更多
Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the serv...Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.展开更多
How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, dat...How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST' s firewall reference model by adding a transmission unit modification function and an attribute value mapping function,describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.展开更多
As an information-rich collective, there are always some people who choose to take risks for some ulterior purpose and others are committed to finding ways to deal with database security threats. The purpose of databa...As an information-rich collective, there are always some people who choose to take risks for some ulterior purpose and others are committed to finding ways to deal with database security threats. The purpose of database security research is to prevent the database from being illegally used or destroyed. This paper introduces the main literature in the field of database security research in recent years. First of all, we classify these papers, the classification criteria </span><span style="font-size:12px;font-family:Verdana;">are</span><span style="font-size:12px;font-family:Verdana;"> the influencing factors of database security. Compared with the traditional and machine learning (ML) methods, some explanations of concepts are interspersed to make these methods easier to understand. Secondly, we find that the related research has achieved some gratifying results, but there are also some shortcomings, such as weak generalization, deviation from reality. Then, possible future work in this research is proposed. Finally, we summarize the main contribution.展开更多
Database security protection, database backup and disaster recovery are important tasks for all colleges and universities to ensure the safe and stable operation of information systems. Based on the operating environm...Database security protection, database backup and disaster recovery are important tasks for all colleges and universities to ensure the safe and stable operation of information systems. Based on the operating environment of the Oracle production database in China University of Geosciences (Beijing), combined with the practical operation and maintenance experience, this paper provides a design and implementation case of Oracle database security protection system and disaster recovery architecture. The network security protection architecture of the three-layer firewall and fortress machine, the detection and repair of security vulnerabilities, the management of system accounts and permissions, data encryption and database audit constitute the security protection system of the database. Oracle RAC (Real Application Clusters), Oracle DataGuard, redundant backup management and backup recovery constitute the disaster recovery architecture of the database. The case has practical significance for database operation and maintenance management in other colleges and universities.展开更多
Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database ma...Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, MAC and multigranularity audit. DAC solves the problems o f role inheritance, right contain, authorization identify and cascade revoke, et c; MAC includes subject and object security setup rule, security modify rule and multilevel relation access operation rule, etc; Audit allows making the sub ject, object or operation type as different audit object to implement flexible a nd multigranularity audit method. The model is designed act as a security agent to access daemon database. At present, the model is implemented which runs on th e Windows 2000 environments.展开更多
Since land resource database development in 1987/1988, a large amount of digital data in spatial, tabular and metadata format has been collected and generated. There are some application softwares of soil database to ...Since land resource database development in 1987/1988, a large amount of digital data in spatial, tabular and metadata format has been collected and generated. There are some application softwares of soil database to manage such a large amount of data, i.e.: Side & Horizon (SHDE4), Soil Sample Analysis (SSA), and Land Unit in dbf file, while Site and Horizon is in DataEase formats. The database contains soil physics and chemical property data of each soil horizon from surface to effective soil depth, climate, land surface condi- tions, and other parameters required for soil classification. Currently, database management software for land resources is still based on DOS and is stand alone. The system is not efficient and effectively used as Agri- cultural Land Resource Information System. At present, as a key component of this system requires review and development of new database software is compatible with the development of information technology. This paper explains about development of interactive agricultural land resources information system for op- timizing land resources data utilization. Hopefully, the software can give contributions in national Agricul- tural Land Resources System Information development for supporting food security.展开更多
This paper proposes a quantitative security evaluation for software system from the vulnerability data consisting of discovery date, solution date and exploit publish date based on a stochastic model. More precisely, ...This paper proposes a quantitative security evaluation for software system from the vulnerability data consisting of discovery date, solution date and exploit publish date based on a stochastic model. More precisely, our model considers a vulnerability life-cycle model and represents the vulnerability discovery process as a non-homogeneous Poisson process. In a numerical example, we show the quantitative measures for contents management system of an open source project.展开更多
In the paper, we conduct research on the office automation system development and practice based on database optimization and security enhancement technology. Office automation is with the rapid development of compute...In the paper, we conduct research on the office automation system development and practice based on database optimization and security enhancement technology. Office automation is with the rapid development of computer technology and puts forward a new concept, the abbreviation for OA, refers to the enterprise through the use of advanced science and technology, the allocation of the information resources in a reasonable manner, so as to improve the work efficiency and quality of staff, auxiliary management to make decisions, to obtain more economic benefits and main including images, text, audio, data and other information collection, and processing and storage. Among them, the office automation is based on the staff as the main body, with advanced scientific technology by combining with computer technology and form comprehensive office mode. Our proposed method serves as the novel paradigm for the development of the office automation which is meaningful.展开更多
This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level securi...This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level security(MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework,and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model,while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present,our MAC framework fills the blank by applying Virt-BLP model to Xen,which is better than current researches to guarantee the security of communication between virtual machines(VMs) . The experimental results show that our MAC framework is effective to manage the communication between VMs.展开更多
Secure real-time databases must simultaneously satisfy two requirements in guaranteeing data security and minimizing the missing deadlines ratio of transactions. However, these two requirements can conflict with each ...Secure real-time databases must simultaneously satisfy two requirements in guaranteeing data security and minimizing the missing deadlines ratio of transactions. However, these two requirements can conflict with each other and achieve one requirement is to sacrifice the other. This paper presents a secure real-time concurrency control protocol based on optimistic method. The concurrency control protocol incorporates security constraints in a real-time optimistic concurrency control protocol and makes a suitable tradeoff between security and real-time requirements by introducing secure influence factor and real-time influence factor. The experimental results show the concurrency control protocol achieves data security without degrading real-time perform ance significantly.展开更多
With widespread use of relational database in various real-life applications,maintaining integrity and providing copyright protection is gaining keen interest of the researchers.For this purpose,watermarking has been ...With widespread use of relational database in various real-life applications,maintaining integrity and providing copyright protection is gaining keen interest of the researchers.For this purpose,watermarking has been used for quite a long time.Watermarking requires the role of trusted third party and a mechanism to extract digital signatures(watermark)to prove the ownership of the data under dispute.This is often inefficient as lots of processing is required.Moreover,certain malicious attacks,like additive attacks,can give rise to a situation when more than one parties can claim the ownership of the same data by inserting and detecting their own set of watermarks from the same data.To solve this problem,we propose to use blockchain technology—as trusted third party—along with watermarking for providing a means of rights protection of relational databases.Using blockchain for writing the copyright information alongside watermarking helps to secure the watermark as changing the blockchain is very difficult.This way,we combined the resilience of our watermarking scheme and the strength of blockchain technology—for protecting the digital rights information from alteration—to design and implement a robust scheme for digital right protection of relational databases.Moreover,we also discuss how the proposed scheme can also be used for version control.The proposed technique works with nonnumeric features of relational database and does not target only selected tuple or portion(subset)from the database for watermark embedding unlike most of the existing techniques;as a result,the chances of subset selection containing no watermark decrease automatically.The proposed technique employs zerowatermarking approach and hence no intentional error(watermark)is added to the original dataset.The results of the experiments proved the effectiveness of the proposed scheme.展开更多
At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access con...At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access control (MAC) and MLS in virtual machine system,this paper designs Virt-BLP model,which is based on BLP model.For the distinction between virtual machine system and non-virtualized system,we build elements and security axioms of Virt-BLP model by modifying those of BLP.Moreover,comparing with BLP,the number of state transition rules of Virt-BLP is reduced accordingly and some rules can only be enforced by trusted subject.As a result,Virt-BLP model supports MAC and partial discretionary access control (DAC),well satisfying the requirement of MLS in virtual machine system.As space is limited,the implementation of our MAC framework will be shown in a continuation.展开更多
Quantum private query(QPQ)protocols have emerged as a pivotal innovation in quantum cryptography,offering users the ability to retrieve specific database information while preserving privacy.However,the practical impl...Quantum private query(QPQ)protocols have emerged as a pivotal innovation in quantum cryptography,offering users the ability to retrieve specific database information while preserving privacy.However,the practical implementation of these protocols faces significant security challenges,particularly from joint-measurement attacks in multi-round query scenarios.A recent study by Liu et al.addresses these vulnerabilities through a comprehensive analysis and proposes innovative solutions,marking a critical advancement in the field[1].展开更多
This article describes the design and implementation of Residents Life Event Management System (hereinafter called as RLEMS) with high level reliability and security by blockchain technology. The data access environme...This article describes the design and implementation of Residents Life Event Management System (hereinafter called as RLEMS) with high level reliability and security by blockchain technology. The data access environment provided by blockchain is highly secure and trustworthy. In Blockchain system, some data fragments are grouped into one piece called as <i>blocks</i>, and all blocks are connected to create a chain of blocks in database. When blocks are connected, hash value is used to connect blocks properly. Blockchain technology enables highly secure and reliable data management system under relatively poor ICT environment. For example, developing countries such as African countries do not have sufficient ICT environment. Therefore adopting blockchain technology is suitable for such countries. Based on this consideration, we have started to build RLEMS on the blockchain system. In previous work, we used the MultiChain as a blockchain platform. However, as MultiChain platform is mainly for private blockchain system, it is not suitable for government-level data management system. Therefore, we tried to use another blockchain framework. We selected Hyperledger Fabric which was developed by Linux Foundation. It enables to implement all styles of blockchain system. This article describes the design and implementation of RLEMS by using Hyperledger Fabric. Furthermore, to provide the best user experience, we also built the web application interface with Java web application framework named PrimeFace. The implementation of a prototype revealed that the Hyperledger Fabric blockchain technology is more suitable than MultiChain.展开更多
A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lowe...A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lower layer relationalintegrity is presented after we analyze and eliminate the covert channels caused by the database integrity.Two SQL statements are extended to process polyinstantiation in the multilevel secure environment.The system based on the multilevel secure relation hierarchical data model is capable of integratively storing and manipulating complicated objects ( e.g. , multilevel spatial data) and conventional data ( e.g. , integer, real number and character string) in multilevel secure database.展开更多
Most of the existing security Mobicast routing protocols are not suitable for the monitoring applications with higher quality of service (QoS) requirement. A QoS dynamic clustering secure multicast scheme (QoS-DCSM...Most of the existing security Mobicast routing protocols are not suitable for the monitoring applications with higher quality of service (QoS) requirement. A QoS dynamic clustering secure multicast scheme (QoS-DCSMS) based on Mobicast and multi-level IxTESLA protocol for large-scale tracking sensornets is presented in this paper. The multicast clusters are dynamically formed according to the real-time status of nodes, and the cluster-head node is responsible for status review and certificating management of cluster nodes to ensure the most optimized QoS and security of multicast in this scheme. Another contribution of this paper is the optimal QoS security authentication algorithm, which analyzes the relationship between the QoS and the level Mofmulti-level oTESLA. Based on the analysis and simulation results, it shows that the influence to the network survival cycle ('NSC) and real-time communication caused by energy consumption and latency in authentication is acceptable when the optimal QoS security authentication algorithm is satisfied.展开更多
Since the 1970s, according to the international pension system reform trend for old-age social security system, no single institutional arrangement can ensure the functions of endowment security system to achieve the ...Since the 1970s, according to the international pension system reform trend for old-age social security system, no single institutional arrangement can ensure the functions of endowment security system to achieve the optimal.Therefore,how to based on the present situation of development, and to accurately, thus promote the resources integration, comprehensive build multi-level old-age security system, has important policy and practice significance.展开更多
文摘With the continuous development of computer network technology, its applications in daily life and work have become increasingly widespread, greatly improving efficiency. However, certain security risks remain. To ensure the security of computer networks and databases, it is essential to enhance the security of both through optimization of technology. This includes improving management practices, optimizing data processing methods, and establishing comprehensive laws and regulations. This paper analyzes the current security risks in computer networks and databases and proposes corresponding solutions, offering reference points for relevant personnel.
文摘This paper discusses how to use the security measurements, such as privileges, roles, views, stored procedures and triggers, to ensure the safety of a database system. This paper also gives an example of making use of some special views of ORACLE DATA DICTIONARY to track the security records of a database system.
文摘Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.
文摘How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST' s firewall reference model by adding a transmission unit modification function and an attribute value mapping function,describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.
文摘As an information-rich collective, there are always some people who choose to take risks for some ulterior purpose and others are committed to finding ways to deal with database security threats. The purpose of database security research is to prevent the database from being illegally used or destroyed. This paper introduces the main literature in the field of database security research in recent years. First of all, we classify these papers, the classification criteria </span><span style="font-size:12px;font-family:Verdana;">are</span><span style="font-size:12px;font-family:Verdana;"> the influencing factors of database security. Compared with the traditional and machine learning (ML) methods, some explanations of concepts are interspersed to make these methods easier to understand. Secondly, we find that the related research has achieved some gratifying results, but there are also some shortcomings, such as weak generalization, deviation from reality. Then, possible future work in this research is proposed. Finally, we summarize the main contribution.
文摘Database security protection, database backup and disaster recovery are important tasks for all colleges and universities to ensure the safe and stable operation of information systems. Based on the operating environment of the Oracle production database in China University of Geosciences (Beijing), combined with the practical operation and maintenance experience, this paper provides a design and implementation case of Oracle database security protection system and disaster recovery architecture. The network security protection architecture of the three-layer firewall and fortress machine, the detection and repair of security vulnerabilities, the management of system accounts and permissions, data encryption and database audit constitute the security protection system of the database. Oracle RAC (Real Application Clusters), Oracle DataGuard, redundant backup management and backup recovery constitute the disaster recovery architecture of the database. The case has practical significance for database operation and maintenance management in other colleges and universities.
文摘Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, MAC and multigranularity audit. DAC solves the problems o f role inheritance, right contain, authorization identify and cascade revoke, et c; MAC includes subject and object security setup rule, security modify rule and multilevel relation access operation rule, etc; Audit allows making the sub ject, object or operation type as different audit object to implement flexible a nd multigranularity audit method. The model is designed act as a security agent to access daemon database. At present, the model is implemented which runs on th e Windows 2000 environments.
文摘Since land resource database development in 1987/1988, a large amount of digital data in spatial, tabular and metadata format has been collected and generated. There are some application softwares of soil database to manage such a large amount of data, i.e.: Side & Horizon (SHDE4), Soil Sample Analysis (SSA), and Land Unit in dbf file, while Site and Horizon is in DataEase formats. The database contains soil physics and chemical property data of each soil horizon from surface to effective soil depth, climate, land surface condi- tions, and other parameters required for soil classification. Currently, database management software for land resources is still based on DOS and is stand alone. The system is not efficient and effectively used as Agri- cultural Land Resource Information System. At present, as a key component of this system requires review and development of new database software is compatible with the development of information technology. This paper explains about development of interactive agricultural land resources information system for op- timizing land resources data utilization. Hopefully, the software can give contributions in national Agricul- tural Land Resources System Information development for supporting food security.
文摘This paper proposes a quantitative security evaluation for software system from the vulnerability data consisting of discovery date, solution date and exploit publish date based on a stochastic model. More precisely, our model considers a vulnerability life-cycle model and represents the vulnerability discovery process as a non-homogeneous Poisson process. In a numerical example, we show the quantitative measures for contents management system of an open source project.
文摘In the paper, we conduct research on the office automation system development and practice based on database optimization and security enhancement technology. Office automation is with the rapid development of computer technology and puts forward a new concept, the abbreviation for OA, refers to the enterprise through the use of advanced science and technology, the allocation of the information resources in a reasonable manner, so as to improve the work efficiency and quality of staff, auxiliary management to make decisions, to obtain more economic benefits and main including images, text, audio, data and other information collection, and processing and storage. Among them, the office automation is based on the staff as the main body, with advanced scientific technology by combining with computer technology and form comprehensive office mode. Our proposed method serves as the novel paradigm for the development of the office automation which is meaningful.
基金supported by National Key Basic Research and Development Plan (973 Plan) of China (No. 2007CB310900)National Natural Science Foundation of China (No. 90612018, 90715030 and 60970008)
文摘This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level security(MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework,and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model,while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present,our MAC framework fills the blank by applying Virt-BLP model to Xen,which is better than current researches to guarantee the security of communication between virtual machines(VMs) . The experimental results show that our MAC framework is effective to manage the communication between VMs.
基金Supported by the Defense Pre-Research Project ofthe"Tenth Five-Year-Plan"of China (413150403)
文摘Secure real-time databases must simultaneously satisfy two requirements in guaranteeing data security and minimizing the missing deadlines ratio of transactions. However, these two requirements can conflict with each other and achieve one requirement is to sacrifice the other. This paper presents a secure real-time concurrency control protocol based on optimistic method. The concurrency control protocol incorporates security constraints in a real-time optimistic concurrency control protocol and makes a suitable tradeoff between security and real-time requirements by introducing secure influence factor and real-time influence factor. The experimental results show the concurrency control protocol achieves data security without degrading real-time perform ance significantly.
基金This project was supported by University of Jeddah under the Grant Number(UJ-02-014-ICGR).
文摘With widespread use of relational database in various real-life applications,maintaining integrity and providing copyright protection is gaining keen interest of the researchers.For this purpose,watermarking has been used for quite a long time.Watermarking requires the role of trusted third party and a mechanism to extract digital signatures(watermark)to prove the ownership of the data under dispute.This is often inefficient as lots of processing is required.Moreover,certain malicious attacks,like additive attacks,can give rise to a situation when more than one parties can claim the ownership of the same data by inserting and detecting their own set of watermarks from the same data.To solve this problem,we propose to use blockchain technology—as trusted third party—along with watermarking for providing a means of rights protection of relational databases.Using blockchain for writing the copyright information alongside watermarking helps to secure the watermark as changing the blockchain is very difficult.This way,we combined the resilience of our watermarking scheme and the strength of blockchain technology—for protecting the digital rights information from alteration—to design and implement a robust scheme for digital right protection of relational databases.Moreover,we also discuss how the proposed scheme can also be used for version control.The proposed technique works with nonnumeric features of relational database and does not target only selected tuple or portion(subset)from the database for watermark embedding unlike most of the existing techniques;as a result,the chances of subset selection containing no watermark decrease automatically.The proposed technique employs zerowatermarking approach and hence no intentional error(watermark)is added to the original dataset.The results of the experiments proved the effectiveness of the proposed scheme.
基金Acknowledgements This work was supported by National Key Basic Research and Development Plan (973 Plan) of China (No. 2007CB310900) and National Natural Science Foundation of China (No. 90612018, 90715030 and 60970008).
文摘At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access control (MAC) and MLS in virtual machine system,this paper designs Virt-BLP model,which is based on BLP model.For the distinction between virtual machine system and non-virtualized system,we build elements and security axioms of Virt-BLP model by modifying those of BLP.Moreover,comparing with BLP,the number of state transition rules of Virt-BLP is reduced accordingly and some rules can only be enforced by trusted subject.As a result,Virt-BLP model supports MAC and partial discretionary access control (DAC),well satisfying the requirement of MLS in virtual machine system.As space is limited,the implementation of our MAC framework will be shown in a continuation.
文摘Quantum private query(QPQ)protocols have emerged as a pivotal innovation in quantum cryptography,offering users the ability to retrieve specific database information while preserving privacy.However,the practical implementation of these protocols faces significant security challenges,particularly from joint-measurement attacks in multi-round query scenarios.A recent study by Liu et al.addresses these vulnerabilities through a comprehensive analysis and proposes innovative solutions,marking a critical advancement in the field[1].
文摘This article describes the design and implementation of Residents Life Event Management System (hereinafter called as RLEMS) with high level reliability and security by blockchain technology. The data access environment provided by blockchain is highly secure and trustworthy. In Blockchain system, some data fragments are grouped into one piece called as <i>blocks</i>, and all blocks are connected to create a chain of blocks in database. When blocks are connected, hash value is used to connect blocks properly. Blockchain technology enables highly secure and reliable data management system under relatively poor ICT environment. For example, developing countries such as African countries do not have sufficient ICT environment. Therefore adopting blockchain technology is suitable for such countries. Based on this consideration, we have started to build RLEMS on the blockchain system. In previous work, we used the MultiChain as a blockchain platform. However, as MultiChain platform is mainly for private blockchain system, it is not suitable for government-level data management system. Therefore, we tried to use another blockchain framework. We selected Hyperledger Fabric which was developed by Linux Foundation. It enables to implement all styles of blockchain system. This article describes the design and implementation of RLEMS by using Hyperledger Fabric. Furthermore, to provide the best user experience, we also built the web application interface with Java web application framework named PrimeFace. The implementation of a prototype revealed that the Hyperledger Fabric blockchain technology is more suitable than MultiChain.
文摘A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lower layer relationalintegrity is presented after we analyze and eliminate the covert channels caused by the database integrity.Two SQL statements are extended to process polyinstantiation in the multilevel secure environment.The system based on the multilevel secure relation hierarchical data model is capable of integratively storing and manipulating complicated objects ( e.g. , multilevel spatial data) and conventional data ( e.g. , integer, real number and character string) in multilevel secure database.
基金Supported by the National Natural Science Foundation of China (No. 60903157)
文摘Most of the existing security Mobicast routing protocols are not suitable for the monitoring applications with higher quality of service (QoS) requirement. A QoS dynamic clustering secure multicast scheme (QoS-DCSMS) based on Mobicast and multi-level IxTESLA protocol for large-scale tracking sensornets is presented in this paper. The multicast clusters are dynamically formed according to the real-time status of nodes, and the cluster-head node is responsible for status review and certificating management of cluster nodes to ensure the most optimized QoS and security of multicast in this scheme. Another contribution of this paper is the optimal QoS security authentication algorithm, which analyzes the relationship between the QoS and the level Mofmulti-level oTESLA. Based on the analysis and simulation results, it shows that the influence to the network survival cycle ('NSC) and real-time communication caused by energy consumption and latency in authentication is acceptable when the optimal QoS security authentication algorithm is satisfied.
文摘Since the 1970s, according to the international pension system reform trend for old-age social security system, no single institutional arrangement can ensure the functions of endowment security system to achieve the optimal.Therefore,how to based on the present situation of development, and to accurately, thus promote the resources integration, comprehensive build multi-level old-age security system, has important policy and practice significance.
