Table of Content

15 January 2018, Volume 4 Issue 1

Previous Issue    Next Issue

Build an Independent IT Eco-System as the Basement of Network Security

2018, 4(1):  2-5. 

Asbtract ( )   PDF (668KB) ( )  

Related Articles | Metrics

Autonomy and Controllability are Necessary Conditions for Ensuring Cyber Scurity

2018, 4(1):  6-7. 

Asbtract ( )   PDF (576KB) ( )  

Related Articles | Metrics

Preliminary Study on the Independent Research and Development Elements of Domestic CPU

2018, 4(1):  10-14. 

Asbtract ( )   PDF (3474KB) ( )  

References | Related Articles | Metrics

Domestic CPU independent research and development is the premise of promoting the security and controllable information technology and industry development. To develop security and controllable CPU, we must first take the Independently controllable as the approach, and take the safety and controllable as the target, and develop with our own ability. Secondly, the cooperative development model based on CPU technology authorization needs to be considered in many ways to maximize CPU technology independent development. Based on the research and development capacity building, the breakthrough and leapforward development of core technologies can finally be realized.

Deepin Anything Fast Retrieval Research

2018, 4(1):  15-23. 

Asbtract ( )   PDF (6426KB) ( )  

References | Related Articles | Metrics

In order to be able to provide users with a high-speed file search function based on file name search, we introduced "anything fast retrieval" technology. This paper introduces the design of “anything fast retrieval” technology in indexing technology in detail, and makes a theoretical analysis of the technical solutions, and gives a detailed analysis and explanation of the verification methods and verification conclusions of the technical solutions. “Anything Fast Retrieval” technology provides nearly 500 times more efficiency in file-name-based fast retrieval compared to the traditional used search techniques in today's Linux desktops OS.

Database localization of alternative are faced with the problem and countermeasure research

2018, 4(1):  24-30. 

Asbtract ( )   PDF (5874KB) ( )  

References | Related Articles | Metrics

Information system construction in recent years, more and more emphasis on information system based on the national ecological environment production independently controllable. Database management system software and homebred CPU, operating system, middleware, application of upstream and downstream products such as adaptation, adjust and optimize the work, on multiple levels, solved many problems. But from the early stage of the exposed, and the existing solutions, if you want to more extensive popularized to more core, higher-end industries and areas completely independently controlled overall solution, there are still many problems. Aiming at the existing problems, and to realize localization of alternative, requires from multiple technical direction of technology research and development and technical updates, in response to the needs and problems.

Research on Domestic Security Browser

2018, 4(1):  31-39. 

Asbtract ( )   PDF (6967KB) ( )  

References | Related Articles | Metrics

This paper surveys the current circumstances of the mainstream internet browser software in using. Base on the systematically study of the techniques of security browser, we proposed a brand new technical architecture of the domestic security browser，including domestic CPU and operating system oriented browser source code adapting technology, autonomous trust system based on domestic cipher algorithm, virtual desktop security architecture, browser security sandbox technology, and compatibility of browser. This architecture can totally support the domestic platform, thus it makes a new progress of the nationalization of the information platform.

YOZO Office in the Design of Security Innovation

2018, 4(1):  40-44. 

Asbtract ( )   PDF (3874KB) ( )  

References | Related Articles | Metrics

The originality of software is first embodied in the design concept, From the beginning of design, the unique file structure is adopted, and a complete set of data structure is defined in the way of integration. From the file structure, the use of experience, data management, office software for a comprehensive innovation design and deconstruction.In object oriented programming, objects are the basic operating entities in the system, and the collection of code and data. Office software application software as the basis of data objects with the whole process of running the program, for the further research and use throughout the program design, characteristics of data object, which has more complex document structures in the program to run. Through the application of data oriented repository system, the security of documents can be ensured, so as to achieve more effective control and protection of documents.

An Overview of Trusted Computing Applicaiton in Operating System

2018, 4(1):  45-52. 

Asbtract ( )   PDF (4733KB) ( )  

References | Related Articles | Metrics

The operating system (OS) is a system software that manages both the hardware and the software resources in a computer，thus its security is of significant importance. As a major component of the new generation security technology, trusted computing is applied to virtualization，cloud computing while merging into the OS development and forming a new trusted OS. This paper describes the application and trending of trusted computing，including trusted virtualization platform，trusted cloud，and solution scheme of industrial control system based on trusted computing. It specifically narrates the trusted OS，a hybrid of trusted computing nested into the OS，including its concept，architecture and key technologies related，the enhancement on the OS security，and the elevation of users’s experience.

Application And Research Of DPDK On Domestic SW Processor Platform

2018, 4(1):  53-62. 

Asbtract ( )   PDF (7992KB) ( )  

References | Related Articles | Metrics

The development of autonomous controllable processors is of great strategic significance to the construction of socialism with Chinese characteristics in a new era in our country. After more than a decade of development, China-made Shenwei processors have made remarkable achievements in supercomputer and other fields and have basically got the ability to contend with today's advanced international processors.DPDK is a set of data plane development tools provided by intel, which is composed of a series of function libraries and network card drivers. Developers can use these libraries for secondary development to quickly process network data packets. Based on the DPDK, the user-mode network protocol stack is implemented, and the user-mode protocol stack avoids interruptions and avoids unnecessary context switching, making a true zero-copy and becoming more and more important in cloud computing and big data scenarios. DPDK is playing an increasingly important role in SDN and NFV and has gradually become the de facto standard. The DPDK transplant to the domestic Shen Wei processor hardware platform, not only can significantly improve Shen Wei platform based network equipment packet processing capabilities, but also can be extended Shen Wei hardware platform in high performance computing, big data platforms, security equipment, As well as the server field application. This paper firstly expounds the significance of DPDK porting to domestic Shen Wei processor platform, and briefly describes the architecture and core technologies of DPDK. Then it analyzes the difficulties of porting DPDK to SW processor platform, and describes the migration work Finally, the article briefly describes the design and implementation of the SW411 processor-based firewall prototype and compares the performance of the prototype before and after migration to verify that the DPDK can be ported to the Shen Wei platform effect.

The Design of One kind of secure reliable bigdata storage platform

2018, 4(1):  63-72. 

Asbtract ( )   PDF (6177KB) ( )  

References | Related Articles | Metrics

Based on the current domestic DBMS, the "BIGDATA" adaptation solution is put forward to improve the traditional DBMS. Designed and implemented the storage engine using the hybrid column compression technology to solve disk I/O problem of the "BIGDATA". Designed and implemented the intelligent indexing, hash index, substring indexes and custom word indexing technology to solve the performance problem of the key-search queries on the "BIGDATA" environment. Designed and implemented the multi-machine parallel (MPP) computing technology, multi-CPU core parallel (SMP) computing technology to solve the performance problem of the statistical analysis on the "BIGDATA" environment. Designed and implemented the data lifecycle management solutions to make purpose of the most valuable data using the most advantage of hardware resources. Designed and implemented the Share-Nothing architecture using auto extends online technology to solve the problem of the data become larger and larger over time. Through the cloud-based big data security framework, a distributed big data security solution is designed. To sum up in a word. Achieved a " big Data " storage platform in application transformation solution. Through testing and application effect analysis, verified the rationality of technical solutions. Specification of the Platform close to the target of similar foreign products.

Systematic Application and Demonstration to Promote Self-controllable Technology Development

2018, 4(1):  73-79. 

Asbtract ( )   PDF (4560KB) ( )  

References | Related Articles | Metrics

Since the current national strategy attaches great importance to the safe and reliable development of cyber sovereignty and cyberspace, the domestic self-controllable computer technology has made breakthrough progress through a series of demonstration projects since 2006. Based on the current situation of our country's self-controllable computer development, this paper deeply analyzes the challenges faced by the localization technology and products. In the case of China Aerospace Science and Industry Group Co., Ltd. independent controllable computer system as a case, this paper introduces the independent controllable technology in the integration of optimization, efficiency optimization, compatibility and other aspects of the remarkable achievements made for the independent controllable system construction application. At the same time, a series of new technologies and new products such as cloud platform and database integrated machines are researched on and developed, and the related situation and technical highlights of Tianyi one-stop autonomous controllable solution are introduced.

A Key Management Method and System of Symmetric Key

2018, 4(1):  80-83. 

Asbtract ( )   PDF (3261KB) ( )  

References | Related Articles | Metrics

Cryptography is one of the core technology of information security, meanwhile, key management technology is the foundation of cryptography. key management typically consists of these steps: generation, storage, exchange, update, revocation, control and destroy. In our video surveillance system, the video transmission of each channel also need encryption using symmetric key. However, the traditional key management method is based on the fact that both entities hold the symmetric key jointly. It will be tedious and dangerous potentially in order to ensure exchange of keys is safe and reliable and to prevent password leakage. To solve the problem, a symmetric key management method and a TCP server system is provided. In our system, all symmetric keys are stored in the server. Users can send requests to the server for getting the valid key, Meanwhile, the connection of users and server is certified and encrypted, making the key management efficient, reasonable, and safe.

Research and Implementation of Security Management of Data Files

2018, 4(1):  84-90. 

Asbtract ( )   PDF (4398KB) ( )  

References | Related Articles | Metrics

Data file security control technology applies file filter driver technology to the process of document creation, editing and using, and uses transparent encryption and decryption to realize content protection of classified files. Combined with user initiative and passive authorization, through file filtering driver technology, API HOOK technology and permission library interaction, we can achieve online, online and off-line full, dynamic and fine grained access control. This paper provides corresponding solutions from the research of safety control technology and implementation of data files, respectively from the unified data security management, data file management, entrance door control and the use of encrypted data file encryption, audit data file dynamic authorization management, file tracing, data encryption and document traceability platform interface the research of data file. Through the research of data file security management and control technology, the effective measures to solve the file data protection in Chongqing mobile business system are found.

Design and Analysis of Security Construction Scheme for City Rail AFC Systems

2018, 4(1):  91-96. 

Asbtract ( )   PDF (4299KB) ( )  

References | Related Articles | Metrics

City rail systems become more and more complex and intelligent, and information technology has become the management tool of AFC systems for city rails. This situation leads the information security protection to be part of the construction of AFC systems for city rails. This paper uses the security techniques for industrial control systems to design a construction scheme for city rail AFC systems. By considering the tools for border protection, intrusion detection, systematical detection, and function integration, a comprehensive security solution is formed. Analysis shows that the security construction scheme possesses high security.