Blockchain-based high transparent PKI authentication protocol by Liquan CHEN, Xiao LI, Zheyi YANG, Sijie QIAN

“…The public key infrastructure (PKI), as an significant component of the current Internet security infrastructure, guarantees the information transmission with the necessary authenticity, integrity, confidentiality and non-repudiation.However, the existing PKI also has shortcomings of excessive power of certification authority and difficulties in revoking and querying.Blockchain can be used to solve those problems by leveraging its advantages, such as decentralization, high transparency and flat structure.Furthermore, the ability and efficiency of the entire Internet to establish trust relationships may be improved.The transparent public key infrastructure (PKI) certification protocol based on the blockchain was proposed.The TS-PBFT algorithm was designed in the proposed protocol by adopting the threshold signature technology to the Practical Byzantine fault tolerance (PBFT) algorithm.The TS-PBFT algorithm reduced the communication overhead via reducing the communication complexity, strengthened the supervision via introducing external monitoring mechanism in the master node election of the view change protocol, and also improved the performance of the consensus mechanism via adding a batch processing mechanism.Moreover, a transparent blockchain-based PKI certification protocol was designed.The proposed protocol increased the security of certificate revocation and query, it also improved the efficiency of the certificate query by the introduction of counting bloom filters.Besides, the proposed protocol added audit function into the certificate lifecycle management.Accordingly, it can supervise the behavior of the certificate authority (CA), prompt it to improve security standards, and then achieve the purpose of limiting its authority.According to the security analysis and efficiency experiments, the proposed protocol was equipped with security properties, such as the resistance to spoofing certificate application attacks, and it achieved the best performance on TLS/SSL handshake time compared with existing PKI protocols.…”
Get full text

Deep Recurrent Model for Server Load and Performance Prediction in Data Center by Zheng Huang, Jiajun Peng, Huijuan Lian, Jie Guo, Weidong Qiu

Get full text

Lightweight terminal cross-domain authentication protocol in edge computing environment by Hongying ZHU, Xinyou ZHANG, Huanlai XING, Li FENG

“…Edge computing has gained widespread usage in intelligent applications due to its benefits, including low latency, high bandwidth, and cost-effectiveness.However, it also faces many security challenges due to its distributed, real-time, multi-source and heterogeneous data characteristics.Identity authentication serves as the initial step for terminal to access to the network and acts as the first line of defense for edge computing.To address the security issues in the edge computing environment, a terminal cross-domain authentication protocol suitable for the edge computing environment was proposed based on the ＆quot;cloud-edge-end＆quot; three-level network authentication architecture.Access authentication was implemented between terminals and local edge nodes based on the SM9 algorithm, and session keys were negotiated.The secret key was combined with symmetric encryption technology and hash function to achieve cross-domain authentication for the terminal.The pseudonym mechanism was used in the authentication process to protect the privacy of end users.The terminal only needs to register once, and it can roam randomly between different security domains.BAN logic was used to prove the correctness of the protocol and analyze its security.The results show that this protocol is capable of resisting common attacks in IoT scenarios, and it features characteristics such as single sign-on and user anonymity.The performance of the cross-domain authentication protocol was evaluated based on computational and communication costs, and compared with existing schemes.The experimental results show that this protocol outperforms other schemes in terms of computational and communication costs, making it suitable for resource-constrained terminal devices.Overall, the proposed protocol offers lightweight and secure identity authentication within edge computing environments.…”
Get full text

AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid by Jongbin Ko, Hyunwoo Lim, Seokjun Lee, Taeshik Shon

“…Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. …”
Get full text

Epidemiological Dynamics of Extended-Spectrum β-Lactamase- or AmpC β-Lactamase-Producing Escherichia coli Screened in Apparently Healthy Chickens in Uganda by Steven Kakooza, Damien Munyiirwa, Paul Ssajjakambwe, Edrine Kayaga, Dickson Stuart Tayebwa, Dickson Ndoboli, Loreen Basemera, Esther Nabatta, Maria Agnes Tumwebaze, John Baligwamunsi Kaneene

Get full text

Resilient Multipath Routing Mechanism Based on Clustering with Intrusion Tolerance by Shukui Zhang, Hongyan Zuo, Jianxi Fan, Juncheng Jia

“…However, in many special fields, network security is a basic and important factor which we must concern for. …”
Get full text

Price Surges in Basic Necessities — Redistribution of Burdens Required by Irene Becker

“…Appropriate measures would be the payment of inflation compensation for those receiving basic security, a reform of the updating of basic security benefits and an income-related transfer payment for households without basic security. …”
Get full text

Multi-replica provable data possession scheme supporting data dynamic updating by Long CHEN, Yu-zhu LUO

“…Considering the application demand of multiple replicas data security and data dynamic update,a multi-replica provable data possession scheme was proposed to supporting data dynamic updating.The original data file can be dynamically updated using dynamic verification structure.The other multiple-replica data files are just append with a log-record for each dynamic update operation.The multi-replica files support public auditability and batch verification.If the original data or any replica is corrupted or missing,it can be recovered to the latest status with another copy.The performances of the communication and storage as well as the security are analyzed.The results show that the scheme is efficient and secure.…”
Get full text

Nicolai Vasilyevich Ivanov: addition to biography of chekist-transport worker by V. P. Vasilevsky, A. V. Sushko

“…The article deals with the biography reconstruction of the chekist-transport worker (public security officer) N. V. Ivanov. The authors comes to the conclusion that the life and fate of N. …”
Get full text

Resource public key infrastructure RPKI: status and problems by Yingying SU, Dan LI, Honglin YE

“…The BGP (border gateway protocol) did not fully consider security issues at the beginning of its design.With the rapid growth of the Internet, its security risks have become incrementally obvious.Academia and industry have proposed many solutions to the security issues faced by inter-domain routing, and what is really deployed is the RPKI (resource public key infrastructure) promoted by the IETF (the Internet Engineering Task Force).The development status and research advances of RPKI were surveyed, with emphasis on problems of RPKI, existing solutions, and related limitations.Moreover, latest achievements on RPKI function extension were introduced.Finally, future research directions were concluded.…”
Get full text

Prioritas Investasi Keamanan Informasi Menggunakan Analytic Network Process (ANP) Bagi Pemerintah Daerah Provinsi Kalimantan Tengah by Ruby Haris, Alva Hendi Muhammad, Asro Nasiri

“…Surveys were conducted with decision-makers and technical managers related to information security. The results of the study show that decision-makers prioritize the information security management framework, while technical managers focus more on technological aspects. …”
Get full text

Identity based and key insulated cryptosystem by ZHOU Yuan1, QIN Bao-shan 2, CAO Zhen-fu 3

“…The method of key insulation to identity-cryptosystems was applied,for solving the key exposure problem ex-isting in the identity-based schemes were applied.After developing the formal secure model for identity-based and key insulated cryptosystems,a concrete scheme proved secure under this model was constructed.…”
Get full text

Virtualization and isolation technology in intelligent terminals by Yongjun HUANG, Huamin JIN, Guorong LIU, Dongxin LIU, Laifu WANG, Jun SHEN

“…With the improvement of computing capability and security requirements for intelligent terminals,the virtualization technology has been gradually developed and applied,which is originally created in the server and desktop computer industry.The application scenarios,a variety of different implementation and security requirements of virtualization were analyzed by contrasting to the computer servers.…”
Get full text

Revolutionizing healthcare delivery with blockchain technology by S Saravanan

“…By incorporating blockchain technology into the medical drone system, it is possible to improve the transparency and security of medical supply chains, as well as the tracking and monitoring of medical drones. …”
Get full text

DDoS attack detection and defense based on hybrid deep learning model in SDN by Chuanhuang LI, Yan WU, Zhengzhe QIAN, Zhengjun SUN, Weiming WANG

“…Software defined network (SDN) is a new kind of network technology,and the security problems are the hot topics in SDN field,such as SDN control channel security,forged service deployment and external distributed denial of service (DDoS) attacks.Aiming at DDoS attack problem of security in SDN,a DDoS attack detection method called DCNN-DSAE based on deep learning hybrid model in SDN was proposed.In this method,when a deep learning model was constructed,the input feature included 21 different types of fields extracted from the data plane and 5 extra self-designed features of distinguishing flow types.The experimental results show that the method has high accuracy,it’s better than the traditional support vector machine (SVM) and deep neural network (DNN) and other machine learning methods.At the same time,the proposed method can also shorten the processing time of classification detection.The detection model is deployed in SDN controller,and the new security policy is sent to the OpenFlow switch to achieve the defense against specific DDoS attack.…”
Get full text

VHSAP-based approach of defending against DDoS attacks for cloud computing routing platforms by UZhi-jun W, UIYi C, UEMeng Y

“…Based on the analysis of security overlay service (SOS) approach of defending against DDoS attacks in large scale network,the vulnerability in the exit mechanism of being attacked nodes in SOS approach is explored.The vulnerability is solved by improving the Chord algorithm according to the routing strategy in cloud computing.Hence,the virtualization hash security access path (VHSAP) in three-layer structure is proposed to protect the cloud computing platform.In VHSAP,the heartbeat mechanism is applied to realize virtual nodes by using the virtual technology.Therefore,the virtual nodes have the ability of resilience,which can complete the seamless switching between being attacked nodes in cloud computing platform,and guarantee the legitimate user's authority of accessing to the resource in cloud computing platform.Experiments of VHSAP defending against DDoS attacks are carried out in simulation network environment.The parameters,such as the number of being attacked nodes in hash secure access path (HSAP),and the switching time and the handoff delay between nodes,are focused in experiments.The result shows that VHSAP achieves a higher data pass rate than that of SOS approach,and enhances the security of cloud computing platform.…”
Get full text

On the Potential of Algorithm Fusion for Demographic Bias Mitigation in Face Recognition by Jascha Kolberg, Yannik Schäfer, Christian Rathgeb, Christoph Busch

Get full text

Malware Detection in Self-Driving Vehicles Using Machine Learning Algorithms by Seunghyun Park, Jin-Young Choi

“…Thus, intrusion detection is a key network security function in vehicles with open connectivity, such as self-driving and connected cars. …”
Get full text

Film and Television Animation Sensing and Visual Image by Computer Digital Image Technology by Lu Lian, Tong Lei

“…The proposed steganographic image enhancement algorithm by image preprocessing has higher security and better image enhancement effect.…”
Get full text

Downlink and Uplink Cooperative Transmission for Primary Secrecy Based Cognitive Radio Sensor Networks by Dawei Wang, Pinyi Ren, Qinghe Du, Li Sun, Yichen Wang

“…Aiming at allocating more licensed spectrum to wireless sensor nodes (SNs) under the constraint of the information security requirement of the primary system, in this paper, we propose a cooperative relaying and jamming secure transmission (CRJS) scheme in which SNs will relay primary message and jam primary eavesdrop concurrently with SN's downlink and uplink information transmission in cognitive radio sensor networks (CRSNs). …”
Get full text