Traditional multi-level security(MLS)systems have the defect of centralizing authorized facilities,which is difficult to meet the security requirements of modern distributed peer-to-peer network architecture.Blockchai...Traditional multi-level security(MLS)systems have the defect of centralizing authorized facilities,which is difficult to meet the security requirements of modern distributed peer-to-peer network architecture.Blockchain is widely used in the field of access control with its decentralization,traceability and non-defective modification.Combining the blockchain technology and the Bell-LaPadula model,we propose a new access control model,named BCBLPM,for MLS environment.The“multi-chain”blockchain architecture is used for dividing resources into isolated access domains,providing a fine-grained data protection mechanism.The access control policies are implemented by smart contracts deployed in each access domain,so that the side chains of different access domains storage access records from outside and maintain the integrity of the records.Finally,we implement the BC-BLPM prototype system using the Hyperledger Fabric.The experimental and analytical results show that the model can adapt well to the needs of multi-level security environment,and it has the feasibility of application in actual scenarios.展开更多
In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed ...In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance-Based LAR.The improved Secure Trust-based Location-Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding.Simulation results reveal that ST-LAR can resist attacks by malicious nodes effectively;furthermore,it also achieves better performance than DBLAR in terms of average end-to-end delay,packet delivery success ratio and throughput.展开更多
We consider a scenario where an unmanned aerial vehicle(UAV),a typical unmanned aerial system(UAS),transmits confidential data to a moving ground target in the presence of multiple eavesdroppers.Multiple friendly reco...We consider a scenario where an unmanned aerial vehicle(UAV),a typical unmanned aerial system(UAS),transmits confidential data to a moving ground target in the presence of multiple eavesdroppers.Multiple friendly reconfigurable intelligent surfaces(RISs) help to secure the UAV-target communication and improve the energy efficiency of the UAV.We formulate an optimization problem to minimize the energy consumption of the UAV,subject to the mobility constraint of the UAV and that the achievable secrecy rate at the target is over a given threshold.We present an online planning method following the framework of model predictive control(MPC) to jointly optimize the motion of the UAV and the configurations of the RISs.The effectiveness of the proposed method is validated via computer simulations.展开更多
A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lowe...A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lower layer relationalintegrity is presented after we analyze and eliminate the covert channels caused by the database integrity.Two SQL statements are extended to process polyinstantiation in the multilevel secure environment.The system based on the multilevel secure relation hierarchical data model is capable of integratively storing and manipulating complicated objects ( e.g. , multilevel spatial data) and conventional data ( e.g. , integer, real number and character string) in multilevel secure database.展开更多
The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model ...The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model (BPR2000) and the Canetti & Krawczyk (2001) model (CK2001) are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.展开更多
This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level securi...This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level security(MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework,and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model,while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present,our MAC framework fills the blank by applying Virt-BLP model to Xen,which is better than current researches to guarantee the security of communication between virtual machines(VMs) . The experimental results show that our MAC framework is effective to manage the communication between VMs.展开更多
Wireless Body Area Networks(WBANs)refer to small sensor network that consists of sensor devices mounted on the surface of the body or implanted in the body,as such networks are employed to harvest physiological data o...Wireless Body Area Networks(WBANs)refer to small sensor network that consists of sensor devices mounted on the surface of the body or implanted in the body,as such networks are employed to harvest physiological data of the human body or to act as an assistant regulator of several specific physiological indicators of the human body.The sensor devices transmit the harvested human physiological data to the local node via a public channel.Before transmitting data,the sensor device and the local node should perform mutual authentication and key agreement.It is proposed in this paper a secure mutual authentication scheme of blockchain-based in WBANs.To analyze the security of this scheme,formal security analysis,and informal security analysis are used,then the computation and communication costs are compared with those of the relevant schemes.Relevant experimental results reveal that the proposed scheme exhibit more effective control over energy consumption and promising.展开更多
At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access con...At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access control (MAC) and MLS in virtual machine system,this paper designs Virt-BLP model,which is based on BLP model.For the distinction between virtual machine system and non-virtualized system,we build elements and security axioms of Virt-BLP model by modifying those of BLP.Moreover,comparing with BLP,the number of state transition rules of Virt-BLP is reduced accordingly and some rules can only be enforced by trusted subject.As a result,Virt-BLP model supports MAC and partial discretionary access control (DAC),well satisfying the requirement of MLS in virtual machine system.As space is limited,the implementation of our MAC framework will be shown in a continuation.展开更多
Attribute revocation is inevitable and al- so important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it retrains one of the rmin obsta-cles for the app...Attribute revocation is inevitable and al- so important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it retrains one of the rmin obsta-cles for the application of ABE. Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revo-cation events occur. Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or they can only be proven to be selectively secure. In this paper, we first define a model of adaptively secure ABE supporting the at- tribute revocation under direct revocation model. Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups. Finally, we prove our schemes to be adaptively secure by employing the methodology of dual system eno cryption.展开更多
An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two shor...An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.展开更多
Typical isolation models are studied and a New Application Security Isolation model called NASI is proposed, which is based on trusted computing technology and least privilege principle. This paper introduces the desi...Typical isolation models are studied and a New Application Security Isolation model called NASI is proposed, which is based on trusted computing technology and least privilege principle. This paper introduces the design ideas of NASI, gives out formal description and safety analysis for the model, and finally describes the implementation of prototype system based on NASI.展开更多
Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in ...Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.展开更多
Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if th...Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.展开更多
Gas flexible pipes are critical multi-layered equipment for offshore oil and gas development.Under high pressure conditions,small molecular components of natural gas dissolve into the polymer inner liner of the flexib...Gas flexible pipes are critical multi-layered equipment for offshore oil and gas development.Under high pressure conditions,small molecular components of natural gas dissolve into the polymer inner liner of the flexible pipes and further diffuse into the annular space,incurring annular pressure build-up and/or production of acidic environment,which poses serious challenges to the structure and integrity of the flexible pipes.Gas permeation in pipes is a complex phenomenon governed by various factors such as internal pressure and temperature,annular structure,external temperature.In a long-distance gas flexible pipe,moreover,gas permeation exhibits non-uniform features,and the gas permeated into the annular space flows along the metal gap.To assess the complex gas transport behavior in long-distance gas flexible pipes,a mathematical model is established in this paper considering the multiphase flow phenomena inside the flexible pipes,the diffusion of gas in the inner liner,and the gas seepage in the annular space under varying permeable properties of the annulus.In addition,the effect of a variable temperature is accounted.A numerical calculation method is accordingly constructed to solve the coupling mathematical equations.The annular permeability was shown to significantly influence the distribution of annular pressure.As permeability increases,the annular pressure tends to become more uniform,and the annular pressure at the wellhead rises more rapidly.After annular pressure relief followed by shut-in,the pressure increase follows a convex function.By simulating the pressure recovery pattern after pressure relief and comparing it with test results,we deduce that the annular permeability lies between 123 and 512 m D.The results help shed light upon assessing the annular pressure in long distance gas flexible pipes and thus ensure the security of gas transport in the emerging development of offshore resources.展开更多
文摘Traditional multi-level security(MLS)systems have the defect of centralizing authorized facilities,which is difficult to meet the security requirements of modern distributed peer-to-peer network architecture.Blockchain is widely used in the field of access control with its decentralization,traceability and non-defective modification.Combining the blockchain technology and the Bell-LaPadula model,we propose a new access control model,named BCBLPM,for MLS environment.The“multi-chain”blockchain architecture is used for dividing resources into isolated access domains,providing a fine-grained data protection mechanism.The access control policies are implemented by smart contracts deployed in each access domain,so that the side chains of different access domains storage access records from outside and maintain the integrity of the records.Finally,we implement the BC-BLPM prototype system using the Hyperledger Fabric.The experimental and analytical results show that the model can adapt well to the needs of multi-level security environment,and it has the feasibility of application in actual scenarios.
基金supported by National Key Basic Research Program(973 Program) under Grant No.2011CB302903National Natural Science Foundation under Grant No.60873231+1 种基金Key Program of Natural Science for Universities of Jiangsu Province under Grant No.10KJA510035Scientific Research Foundation of NJUPT under Grant No.NY209016,China
文摘In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance-Based LAR.The improved Secure Trust-based Location-Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding.Simulation results reveal that ST-LAR can resist attacks by malicious nodes effectively;furthermore,it also achieves better performance than DBLAR in terms of average end-to-end delay,packet delivery success ratio and throughput.
基金funding from the Australian Government,via grant AUSMURIB000001 associated with ONR MURI Grant N00014-19-1-2571。
文摘We consider a scenario where an unmanned aerial vehicle(UAV),a typical unmanned aerial system(UAS),transmits confidential data to a moving ground target in the presence of multiple eavesdroppers.Multiple friendly reconfigurable intelligent surfaces(RISs) help to secure the UAV-target communication and improve the energy efficiency of the UAV.We formulate an optimization problem to minimize the energy consumption of the UAV,subject to the mobility constraint of the UAV and that the achievable secrecy rate at the target is over a given threshold.We present an online planning method following the framework of model predictive control(MPC) to jointly optimize the motion of the UAV and the configurations of the RISs.The effectiveness of the proposed method is validated via computer simulations.
文摘A multilevel secure relation hierarchical data model for multilevel secure database is extended from the relation hierarchical data model in single level environment in this paper. Based on the model, an upper lower layer relationalintegrity is presented after we analyze and eliminate the covert channels caused by the database integrity.Two SQL statements are extended to process polyinstantiation in the multilevel secure environment.The system based on the multilevel secure relation hierarchical data model is capable of integratively storing and manipulating complicated objects ( e.g. , multilevel spatial data) and conventional data ( e.g. , integer, real number and character string) in multilevel secure database.
文摘The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model (BPR2000) and the Canetti & Krawczyk (2001) model (CK2001) are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.
基金supported by National Key Basic Research and Development Plan (973 Plan) of China (No. 2007CB310900)National Natural Science Foundation of China (No. 90612018, 90715030 and 60970008)
文摘This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level security(MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework,and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model,while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present,our MAC framework fills the blank by applying Virt-BLP model to Xen,which is better than current researches to guarantee the security of communication between virtual machines(VMs) . The experimental results show that our MAC framework is effective to manage the communication between VMs.
基金supported by the National Natural Science Foundation of China(Grant Nos.61872138&61572188)。
文摘Wireless Body Area Networks(WBANs)refer to small sensor network that consists of sensor devices mounted on the surface of the body or implanted in the body,as such networks are employed to harvest physiological data of the human body or to act as an assistant regulator of several specific physiological indicators of the human body.The sensor devices transmit the harvested human physiological data to the local node via a public channel.Before transmitting data,the sensor device and the local node should perform mutual authentication and key agreement.It is proposed in this paper a secure mutual authentication scheme of blockchain-based in WBANs.To analyze the security of this scheme,formal security analysis,and informal security analysis are used,then the computation and communication costs are compared with those of the relevant schemes.Relevant experimental results reveal that the proposed scheme exhibit more effective control over energy consumption and promising.
基金Acknowledgements This work was supported by National Key Basic Research and Development Plan (973 Plan) of China (No. 2007CB310900) and National Natural Science Foundation of China (No. 90612018, 90715030 and 60970008).
文摘At present,there are few security models which control the communication between virtual machines (VMs).Moreover,these models are not applicable to multi-level security (MLS).In order to implement mandatory access control (MAC) and MLS in virtual machine system,this paper designs Virt-BLP model,which is based on BLP model.For the distinction between virtual machine system and non-virtualized system,we build elements and security axioms of Virt-BLP model by modifying those of BLP.Moreover,comparing with BLP,the number of state transition rules of Virt-BLP is reduced accordingly and some rules can only be enforced by trusted subject.As a result,Virt-BLP model supports MAC and partial discretionary access control (DAC),well satisfying the requirement of MLS in virtual machine system.As space is limited,the implementation of our MAC framework will be shown in a continuation.
文摘Attribute revocation is inevitable and al- so important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it retrains one of the rmin obsta-cles for the application of ABE. Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revo-cation events occur. Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or they can only be proven to be selectively secure. In this paper, we first define a model of adaptively secure ABE supporting the at- tribute revocation under direct revocation model. Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups. Finally, we prove our schemes to be adaptively secure by employing the methodology of dual system eno cryption.
基金The National Natural Science Foundationof China (No.60703048)the Natural Science Foundationof Hubei Province (No.2007ABA313)
文摘An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.
文摘Typical isolation models are studied and a New Application Security Isolation model called NASI is proposed, which is based on trusted computing technology and least privilege principle. This paper introduces the design ideas of NASI, gives out formal description and safety analysis for the model, and finally describes the implementation of prototype system based on NASI.
基金This work is supported by National Natural Science Foundation of China under contract 60902008.
文摘Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.
基金supported by the 2018 Industrial Internet Innovation and Development Project--Industrial Internet Identification Resolution System National Top-Level Node Construction Project (Phase Ⅰ)
文摘Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.
基金supported by the Natural Science Research Project of Guangling College of Yangzhou University,China (ZKZD18004)General Program of Natural Science Research in Higher Education Institutions of Jiangsu Province,China (20KJD430006)。
文摘Gas flexible pipes are critical multi-layered equipment for offshore oil and gas development.Under high pressure conditions,small molecular components of natural gas dissolve into the polymer inner liner of the flexible pipes and further diffuse into the annular space,incurring annular pressure build-up and/or production of acidic environment,which poses serious challenges to the structure and integrity of the flexible pipes.Gas permeation in pipes is a complex phenomenon governed by various factors such as internal pressure and temperature,annular structure,external temperature.In a long-distance gas flexible pipe,moreover,gas permeation exhibits non-uniform features,and the gas permeated into the annular space flows along the metal gap.To assess the complex gas transport behavior in long-distance gas flexible pipes,a mathematical model is established in this paper considering the multiphase flow phenomena inside the flexible pipes,the diffusion of gas in the inner liner,and the gas seepage in the annular space under varying permeable properties of the annulus.In addition,the effect of a variable temperature is accounted.A numerical calculation method is accordingly constructed to solve the coupling mathematical equations.The annular permeability was shown to significantly influence the distribution of annular pressure.As permeability increases,the annular pressure tends to become more uniform,and the annular pressure at the wellhead rises more rapidly.After annular pressure relief followed by shut-in,the pressure increase follows a convex function.By simulating the pressure recovery pattern after pressure relief and comparing it with test results,we deduce that the annular permeability lies between 123 and 512 m D.The results help shed light upon assessing the annular pressure in long distance gas flexible pipes and thus ensure the security of gas transport in the emerging development of offshore resources.
