Table of Content

    15 July 2016, Volume 2 Issue 7
    “Internet +”Power: The Information Security and Strategic Layout of Lenovo on the Basis of “Internet +” Background
    2016, 2(7):  574-586. 
    Asbtract ( )   PDF (3175KB) ( )  
    Related Articles | Metrics
    Analysis on CFL Provable Security
    2016, 2(7):  589-599. 
    Asbtract ( )   PDF (7813KB) ( )  
    References | Related Articles | Metrics
    Proven security theory of public key cryptography algorithm clears the defination of the security of cryptography; Establish a basic definition, general cryptography research method based on the reduction to prove; Through strict proof,it combines the safety of the system and the known computational problem or cryptography. Proven security theory research pushs forward the standardization of the password system, a lot of standardization organization puts cryptosystem security certification as one of the password systems essential security properties, it requires new submission criteria of cryptography algorithm to be able to pass the security certificate, currently USES cryptography standards comply with this safety standards. It is proved that CFL is Provable Security with its private key being unrecoverable, and with EUFCMA under some conditions.
    Comparative Study on the Properties of CFL
    2016, 2(7):  600-607. 
    Asbtract ( )   PDF (5745KB) ( )  
    References | Related Articles | Metrics
    Based on the abstract workflow of PKI, IBC and CFL, this paper makes the comparative research of PKI, IBC and CFL, from the independence between users working key and centers key, the function of the users information in certificate, the production methods to identity as public key, one person one private key, individual identification, security degree of center, isolation between users work and its entity being proved, selforganization ability in application, protection of personal privacy, computing speed, application environment, program being authentication, cost of the building and being used, then the Properties of CFL are given clearly.
    Study on the CFL Trust Authentication
    2016, 2(7):  608-621. 
    Asbtract ( )   PDF (9423KB) ( )  
    References | Related Articles | Metrics
    This paper shows a schematic diagram about the relationship between trusted computing and information security through analyzing the trusted computing,authentication techniques and authentication systems. Moreover, it not only makes a detailed analysis and comparison about various smart card authentication technology and also gives further definition of trust authentication that is if all the computation in the authentication systems is trusted, the authentication system is trusted. At last, it proves that if the CFL users are based on the independent hardware and CFL certificate generation center is also based on the independent hardware calculation, then the CFL authentication system can be trusted.
    CFL is Statistical Zero Knowledge Proof System
    2016, 2(7):  621-627. 
    Asbtract ( )   PDF (4887KB) ( )  
    References | Related Articles | Metrics
    In the computational complexity theory, since the idea of zero knowledge proof was put forward, the research of both parties certification real identity has increasingly become a hot field among many people. If found that by observing the authentication protocol is to satisfy a zero knowledge proof system, the system scheme based on a corresponding certificate would be interpreted as safe.On the basis of multituple, some basic concepts such as interaction zero knowledge proof, knowledge zero knowledge proof, noninteractive zeroknowledge proof are combeded. CFL is an interactive proof system of membership and statistical zeroknowledge proof system.
    Study on the CFL‘s Key Management
    2016, 2(7):  628-638. 
    Asbtract ( )   PDF (8781KB) ( )  
    References | Related Articles | Metrics
    Key management is the core problem of network system security, which deals with the correlative problems from key being generated to ultimately destroyed,it includes key generation, key backup, key storage, key usage,key exchange,key renovation,key destruction,and etc. The security and privacy management personnel for secretinvolved system management personnel,security and privacy management personnel,and security audit personnel. This thesis aims at the analysis and research on the theoritical and technological key management.On the summary of the key management, the basic requirement about the key management of CFL is given..And analyze the respective responsibilities of these three security and privacy management personnel stipulated in the state security standard
    CFL’s Schemes for Classical Information Security Problems
    2016, 2(7):  639-648. 
    Asbtract ( )   PDF (8174KB) ( )  
    References | Related Articles | Metrics
    With the rapid development of information technology,the information security problem has been attaching more and more attention. The CFL,which can be achieved to the identity authentication, key exchange and encryption and decryption, is suitable for solving the information security problems from cloud computing, industrial control systems, big data and so on. Eight CFLs Schemes for classical information security problems are given, the superiorities of those are introduced.
    The Overview of Authentication Systems
    2016, 2(7):  649-659. 
    Asbtract ( )   PDF (7485KB) ( )  
    References | Related Articles | Metrics
    The security problems of internet are more and more serious because of its openness and anonymity. The first step of the network security authentication scheme is certification system. It ensures that the information resources transmitted on network can only be accessed by legitimate users, so that the identity authentication technology is the foundation of the whole information security. It also becomes one important aspect of the network security, this paper summarizes the functions and shortages of PKI certificate authentication system and IBC identity authentication system based on the introduction of them. The characteristics of the CFL are introduced preliminarily.
    The Method and Realization of Android Applications Malicious Code Static Injection
    2016, 2(7):  660-664. 
    Asbtract ( )   PDF (5039KB) ( )  
    References | Related Articles | Metrics
    With the development of Android, it is facing more and more security threats, the number of malicious software also showed explosive growth. Malicious code injection has always been an important way of malicious software. By introducing the Android application program malicious code injection principle, it can provide ideas for the developer to protect their own code better. This paper introduces the injection process from three aspects of basing on the program entry point, basing on the broadcast mechanism and tampering with Dalvik byte code. In the implementation of the program entry point injection, a method to replace the interface of the original program with invisible interface is proposed and the malicious code injection experiment is operated for the WiFi universal assistant application, which has a better hiding effect. In the injection of malicious code based on broadcast mechanism, in the injection experiment for different types of applications achieve the boot from the start and the intercept messages. In the implementation of tampering with the byte code injection, the injection experiments for the application of "the Chinese calendar" prove the feasibility of realizing the malicious code static injection by the way to tamper with Dalvik byte code. Finally, this paper proposes a series protection methods of application aimed at various ways of static injection against malicious code, and it can protect the software better with the comprehensive utilization of these methods.
    The Development Status and Tendency of Internet Trusted Identity Management
    2016, 2(7):  666-668. 
    Asbtract ( )   PDF (1518KB) ( )  
    Related Articles | Metrics