Table of Content

    15 June 2016, Volume 2 Issue 6
    “Internet +”Power: The Information Security and Strategic Layout of Huawei on the Basis of “Internet +” Background
    2016, 2(6):  478-489. 
    Asbtract ( )   PDF (930KB) ( )  
    Related Articles | Metrics
    Steganalysis of the Big Data over Network
    2016, 2(6):  490-500. 
    Asbtract ( )   PDF (10063KB) ( )  
    Related Articles | Metrics
    With the explosive growth of information on the Internet, information security has caused wide public concern over the recent years. Steganalysis as a popular direction in the field of information security, is also facing the challenges posed by big data. The data over network always presents in huge amount and comes from multiple sources and different qualities, which makes the steganalysis methods under laboratory become invalid. This paper takes digital images as an example, at first introduces the research situation of steganalysis under laboratory environment, and then analyzes the characteristics of image under the big data over network. Steganalysis methods under laboratory always have dramatic performance decrease under the big data over network by experiment. The paper focuses on the research on the mismatch of steganalysis of the big data over networks, researches on the key technology and the latest progress form four aspects which are the research on the data set, the process on the feature, the improvement of the classifier and the change of steganalysis framework . In the end, the potential problems and future challenges of steganalysis of the big data over network are pointed out, which provide a relatively comprehensive reference basis for future research.
    An Overview and Trends on Digital Image Source Forensics
    2016, 2(6):  501-511. 
    Asbtract ( )   PDF (10395KB) ( )  
    References | Related Articles | Metrics
    The characteristic of editing and forging digital media makes the authenticity of multi media encountering great challenges in digital age. Due to that, the digital image forensics, which focuses on the source identifiability, content authenticity and information integrity of digital images, has become a hot research issue in multimedia information security field. Focusing on the issue of source identification of digital images, the paper first illustrates the existing general research model and framework. Based on the overview of current typical algorithms from the perspective of device based, model based and camera based source identification respectively, the problems and trends of source identification of digital images are introduced and analyzed. Finally, this paper draws the conclusion and shows the prospect of digital image source identification.
    Security Authentication Protocol Based on Grain-v1 in National Military Standard
    2016, 2(6):  513-518. 
    Asbtract ( )   PDF (4984KB) ( )  
    References | Related Articles | Metrics
    As the security problems in RFID become more and more serious, secure communication is receiving more and more attention. The premise of secure communication is security authentication protocol and security encryption. The paper proposes the security mechanism combining Grain-v1 algorithm and security authentication protocol in homegrown standard. This paper discusses the advantages and disadvantages of both foreign standards and homegrown standard about RFID, and we explain bidirectional authentication protocol and secure communication protocol in detail. Taking the use of less resource and easier implementation into consideration, we choose Grain-v1 stream cipher and illustrate its algorithm principle, analyze the changes of internal state and design hardware architecture, this paper implements simulation and debugging on software. At last, we discuss the grain-s security safety and its improvement.
    The Application Research of Reliable Electronic Signature in the Field of Arbitration
    2016, 2(6):  519-522. 
    Asbtract ( )   PDF (1257KB) ( )  
    References | Related Articles | Metrics
    Online arbitration, as an online dispute resolution mechanism, is an innovative processing way to traditional arbitration. However, due to the characteristic of electronic data not easy to solidify, the electronic evidence generated in online arbitration has a lot of potential risks in information collection, storage, transmission and application stage. This paper discusses the evidence solidification way based on reliable electronic signature, which can ensure the authenticity, integrity and validity of electronic evidence. And according to the emerging demand of the arbitration field, a reliable electronic signature arbitration evidence solidification solution is proposed, which is based on the third party of authentication and digital signature.
    Application Technology of Electronic Authentication Based on USBKey in Domestic Operating System
    2016, 2(6):  523-526. 
    Asbtract ( )   PDF (2841KB) ( )  
    References | Related Articles | Metrics
    This article mainly introduced the electronic certification based on USBKey in domestic operating systems, and application of several technical methods is discussed in detail the technical process. These methods can be applied to Aisino corporation independent research and development of USBKey products combined with the depth of the domestic related to the underlying operating system and application, realizing the safe and reliable electronic authentication system.
    Direction Meter Against Theft for Laptop Computer and Wireless Authentication Policy
    2016, 2(6):  527-532. 
    Asbtract ( )   PDF (4457KB) ( )  
    References | Related Articles | Metrics
    Once the laptop computer with classified information got lost or was stolen, it would lead to inestimable loss. Aiming at improving the burglarproof technology of military laptop information, this paper introduced a burglarproof alarm scheme used in master-slave computer system, which is based on bidirectional wireless communication technology. It designed physical isolation between slave devices and computer main-board of alarming system in computer case for protecting information from electromagnetism leakage. By adjusting transmit power and receiver sensitivity of wireless communication module in master-slave computer of alarm system, it is possible to make master give a warning signal and control the slave to response, when the distance of device taker and military laptop which equipped with alarm system is larger than the threshold. Enhance the wireless authentication and insure the communications security between master and slave by using custom protocol communication. According to the test verification of prototype, the feasibility of this method was proved.
    Research on Security Policy of Information Platform User's Password in University
    2016, 2(6):  533-536. 
    Asbtract ( )   PDF (3202KB) ( )  
    References | Related Articles | Metrics
    This paper studies university information platform user password security policies, by analyzing the threats and vulnerabilities faced in the process of password creation, storage and transmission, and password policy, combined with the attacker to steal user passwords may take means of attack, the design of the dynamic mixing of challenge response and salted hash algorithm based on encryption strategy, realize the password in the process of transmission and storage shall not expressly exists, in the cipher text level to achieve a one-time-pad encrypt and irreversible operation, for the user provided password expressly not stolen safety certification process. At last, some suggestions are put forward on password management and user's habit.
    Research on the Construction of the National Cyber?Space Governance Hierarchy
    2016, 2(6):  537-542. 
    Asbtract ( )   PDF (5059KB) ( )  
    References | Related Articles | Metrics
    Cyber-Space Governance is the activity and process of the use and development of the Cyber-Space, which is implemented by the government, enterprises and other multiple subjects. Unlike “top-down” form of Internet management, Cyber-Space governance participation diversification, process management emphasizes on the interaction, mutual cooperation and mutual agreement, the roles and functions of the government from direct command and monitoring to aggregate and integrate a variety of resources, and to promote cooperation between stakeholders, sharing, coordination and conflict solution. At present, the international community has reached a consensus on the need for governance, governance objectives and scope of cyberspace. In recent years, our government led governance model has achieved initial success, but there are still a lot of urgent needs to crack the problem. To meet the needs of the new situation, the government guidance gives full play to the role of social forces, from the system, mechanism and legal system, building a national network of space governance system without delay. This paper mainly focuses on the necessity of the governance of the network space, the idea and the goal of the national cyberspace governance, and the three levels of the main task of the construction of the national cyberspace governance system.
    Electronic Authentication in a Trusted Electronic License Application
    2016, 2(6):  543-547. 
    Asbtract ( )   PDF (3523KB) ( )  
    References | Related Articles | Metrics
    With the rapid development of information technology, social life and government public works are also shifting. In order to improve the administrative efficiency and service level, government began to push forward the Electronic license, so as to promote web-based applications. The authenticity and credibility of credible Electronic license are the key to put an end to false license and to guarantee web-based applications. The article combined the electronic authentication technology and the credible legal basis for the electronic license, used the two-dimensional code and digital signature technology, discussed the technology of electronic authentication in trusted electronic certification application scenarios from the generation of credible electronic license, the security of elimination false license's printing, verification and the credible electronic license, and point out its effect
    An Analysis Model and Application for Mobile Payment
    2016, 2(6):  548-552. 
    Asbtract ( )   PDF (3858KB) ( )  
    References | Related Articles | Metrics
    This paper has proposed a model to analyze the role of mobile terminals in mobile payment, taken some maps in kinds of mobile payment solutions based on the model, and proved that the mapping objects of mobile terminals are different in different mobile payment solutions. At the same time, this paper also provides existing standardized equipment in view of related objects, to use a reference to normalize the cryptography and information security requirements of mobile terminals ,and proves the practicability of the model.
    Application Technology of Electronic Authentication Based on USBKey in Domestic Operating System
    2016, 2(6):  553-557. 
    Asbtract ( )  
    References | Related Articles | Metrics
    This paper researches on electronic authentication in cloud computing and analyzes the deficiencies of mainstream authentication methods. We propose a more accurate and secure authentication solution using behavior and active privileges recognition technology. This solution can implement behavior-based active privileges recognition and choose adaptively whether to use high-strength safety certification. It also prevents hacking effectively and reduces the threats on security Certification.
    The Application of Cryptography Resource System in Cloud Computing
    2016, 2(6):  558-561. 
    Asbtract ( )   PDF (3534KB) ( )  
    References | Related Articles | Metrics
    In cloud computing, we protect information system and huge amounts of data by the cryptographic techniques, each business application system needs large capacity and reliable cloud cryptographic service to protect information security and efficiently use cloud cryptography resources and effective key management. In this paper, we put forward a cryptography resource system to effectively manage cryptography resource in cloud computing environment. The system provides the whole life cycle of key and cryptographic device. Through hardware virtualization technology, the system can provide high speed, reliable, scalable cryptographic service for multiple application system. It effectively improves the utilization of cryptography resources and reduces the risk of the key management and application.
    The Information Security Assurance of Civil Aviation Information System in the United States
    Wu Zhijun
    2016, 2(6):  562-567. 
    Asbtract ( )   PDF (5483KB) ( )  
    References | Related Articles | Metrics
    Nowadays, the information security of civil aviation information system is facing a serious threat. In order to protect the safe operation of air transportion, the US Federal Aviation Administration (FAA) developed the civil aviation information system (Information System Security, ISS) program. In this paper, the ISS program of FAA is studied, the hierarchical model and core content of ISS are introduced, and the requirements of each level are explained. Then, the suggestions of information security assurance for civil aviation information system are given.
    The Development Trend and Critical Capacities of “Security as Cloud Service”
    2016, 2(6):  568-572. 
    Asbtract ( )   PDF (776KB) ( )  
    Related Articles | Metrics