Table of Content

    05 July 2020, Volume 6 Issue 7
    Studies of the Latest Progress of NSTIC
    2020, 6(7):  575-581. 
    Asbtract ( )   PDF (1331KB) ( )  
    References | Related Articles | Metrics
    In 2011, the US government announced The National Strategy for Trusted Identities in Cyberspace (NSTIC), which attempts to establish a user-centered identity ecosystem in about 10 years, improve the privacy protection environment, the convenience of online transactions and the security of sensitive information. In the past nearly 10 years, how is it organized and implemented, and what is the effect of its implementation? The paper summarizes the latest progress of NSTIC from three aspects: the organization and leadership, the implementation of the strategy and the evaluation of implementation effect.
    Research on the Development of Digital Identity in EU
    2020, 6(7):  582-588. 
    Asbtract ( )   PDF (913KB) ( )  
    References | Related Articles | Metrics
    In order to break the fragmentation of digital identity, remove the barriers for citizens and enterprises to use their national digital identity for cross-border access to online services, and promote the formation of a single digital market in the EU, the EU has introduced eIDAS regulations at the legal level to clarify the responsibilities of all parties in digital identity, unify the standards of digital identity assurance level, and enforce mutual recognition among digital identities of Member States, and build The interconnection infrastructure of eIDas network, such as national nodes, actively guides the innovation practice related to digital identity through financial support and other means, strengthens the cooperation between the state and all sectors of society, and achieves good results. At the same time, the EU has introduced norms such as the level of digital identity assurance and raised them to legal requirements. By investing in a series of digital identity research and infrastructure projects, the EU has promoted the actual mutual recognition of digital identities, reduced the relevant economic and social costs, and strongly supported the development of the local digital economy. Its experience and practice are worth learning. This paper focuses on the EU's work in the field of digital identity management, hoping to provide some reference for China's digital identity governance.
    Research on Privacy in Biometrics
    2020, 6(7):  589-601. 
    Asbtract ( )   PDF (2343KB) ( )  
    References | Related Articles | Metrics
    Biometric has been the important method for identity authentication due to the uniqueness, permanence and identifiability of the biological characteristic, but also pose challenges for privacy. Biometrics system should meet six protection goals: confidentiality, integrity, availability, unlinkability, transparency, and intevenability. In this paper, the requirements and implications of these goals are analyzed, and the relevant techniques and implementation methods are proposed including biometric encryption, cancelable biometric, homomorphic encryption, anonymization, de-identification, diversification, renewable biometric reference, data isolation, as well as management principles and criterion of conduct besides technical measures.
    Prospects for the Development of Cyberspace Identity Management System
    2020, 6(7):  602-607. 
    Asbtract ( )   PDF (980KB) ( )  
    References | Related Articles | Metrics
    Cyberspace identity management, as an indispensable infrastructure for cyberspace governance in the era of Internet digital economy, plays an important supporting role in social economic development and social governance. The United States, the European Union, South Korea and other developed countries attach great importance to network identity management, have issued national strategic plans, and actively explore the application of cutting-edge technology. China's research efforts and investment in cyberspace identity management are also increasing, and the cyberspace trusted service ecology is gradually built. Cyberspace identity management system includes centralized and decentralized identity management. The centralized identity management system is the traditional identity management mode in Internet applications, which has the advantages of high efficiency and rapidity, and the disadvantages of centralized management and control of user identity information, which is prone to privacy disclosure. Decentralized identity management system is a new cyberspace identity management system based on blockchain technology. With its decentralized, encrypted, difficult to tamper with, traceable and other features, it can solve the problems of privacy disclosure in centralized identity management, but it also has poor performance and low efficiency. The two identity management systems of centralization and decentralization have their own advantages and disadvantages. They complement each other. The emergence of blockchain, artificial intelligence and other cutting-edge technologies will vigorously promote the innovation and development of cyberspace identity management system, and make it more intelligent and secure.
    A Survey of Zero Trust Research
    2020, 6(7):  608-614. 
    Asbtract ( )   PDF (2068KB) ( )  
    References | Related Articles | Metrics
    With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust.
    "Voiceprint+" based unsupervised trusted identity authentication
    2020, 6(7):  615-621. 
    Asbtract ( )   PDF (1762KB) ( )  
    References | Related Articles | Metrics
    In recent years, with fast development of the Internet and the Internet of Things (IoT) and the rise of the self-service terminals and self-service stores, online cyberspace and offline physical space unsupervised identity authentication become a necessary part of people’s life, those scenarios that require unsupervised identity authentication are increasing very exponentially. At present, biometric recognition becomes a most important way for users to prove themselves. But once the biometrics are used illegally or unwillingly, this will damage users' profits very seriously. For the above mentioned reasons, this paper aims at in-depth analysis on the trusted identity authentication in unsupervised scenarios, proposes the five-feature requirement of unsupervised identity authentication, compares the pros and cons and authentication features of various biometrics comprehensively, analyzes the advantages of voiceprint recognition technology used in unsupervised identity authentication, and predicts the future trend of trusted identity authentication based on “Voiceprint +” multi-dimensional technology “going from real person to real intention”.
    A Perspective Analysis of Artificial Intelligence for Handwritten Signature Verification
    2020, 6(7):  622-633. 
    Asbtract ( )   PDF (3513KB) ( )  
    References | Related Articles | Metrics
    Handwritten signature verification has been one of the main biometric identification since ancient times, especially in the verification of contracts, bills and other documents in the judicial field. As the rapid development of information technology and mobile Internet, electronic contract has shown its potential and becoming more and more popular, and the form and application of handwritten signatures have changed a lot. Meanwhile, the computer system of handwritten signature verification has been greatly improved by the artificial intelligence technology, the deep convolutional neural network CNN and deep recurrent neural network RNN have been proved to be superior to the traditional algorithm in most scenarios. This article will introduce the basic principles of computer system of handwritten signature verification and the cutting-edge application of artificial intelligence technology in this field.
    The Security Problems of the DeepFake Technology: Opportunities and Challenges
    2020, 6(7):  634-644. 
    Asbtract ( )   PDF (2454KB) ( )  
    References | Related Articles | Metrics
    The developments of artificial intelligence (AI) have made significant changes to the society. However, the AI applications expose their own security problems as well. Recently, fake content generation techniques such as DeepFake have become a threat to public security and privacy. In this article, we first summarize the backgrounds and principles of the DeepFake technologies. Then, we analyze the impacts of DeepFake on business, politics, pornography and entertainment. Many institutions response actively against DeepFake. Among these institutions, the academies focus on developing new technologies to detect these fake videos, images and audios.
    Challenge of AI+ Biometric Identification Technology to Trusted Identity Authentication
    2020, 6(7):  645-651. 
    Asbtract ( )   PDF (1250KB) ( )  
    References | Related Articles | Metrics
    With the development of Mobile Internet, the number of the mobile internet users is becoming much larger than that of the PC netizens. The development of the internet of things makes it possible for everything to be interconnected. There are more and more social and intelligence Internet products. Virtual world and real world are inseparable. At the same time, the technology of artificial intelligence is developing fast and the application fields of it are expanding. It brings a lot of new technology products, with will become the great container of human wisdom. However, artificial intelligence is a challenging science. For one thing, it brings so many conveniences to people’ s life. For another, it brings many information security challenges. Will it be stopped because of the challenges? Certainly we will say “No”. But how can we prove “it is me myself, not others ”in the internet? My paper deals with how to combine artificial intelligence with biological characteristics to meet the authenticate challenges of trusted identity. In my paper, a lot of research work has been written down, which I have been doing in my work practice combined with biometric identifications such as face recognition; voiceprints recognition; iris recognition; fingerprints recognition; identification of actions and habits and so on. It is hopeful that the technology of artificial intelligence is certain to make our life more beautiful and safer!
    Research on Password Protection Technology of Intelligent Internet of Things Device
    2020, 6(7):  652-656. 
    Asbtract ( )   PDF (1225KB) ( )  
    References | Related Articles | Metrics
    As a common method of identification for intelligent connected devices, password authentication involves many security threats during its use. Based on the analysis of the security risks during the password authentication, this paper puts forward the security technical requirements and security objectives from the aspects of the generation, management and use of the accounts and passwords of intelligent connected devices, to guide manufacturers concerned to design and implement password protection functions securely, and also serve as the basis for the secure use, supervision, inspection and guidance of passwords of intelligent connected devices.
    Privacy Crisis and Regulation of Free Social Software Users
    2020, 6(7):  657-663. 
    Asbtract ( )   PDF (1046KB) ( )  
    References | Related Articles | Metrics
    With the rapid popularization of information services and the continuous innovation of Internet business model, free social software has entered all aspects of user life. However, when users enjoy all kinds of free social software services, the compulsory collection and improper handling of users’ personal privacy information are common concerns of users. Protecting the personal information and privacy of social software users, so that users’ personal information and privacy data can no longer "run naked", cannot be separated from improving the self-restraint of users' improper network behavior, strengthening the self-discipline of social software operators, and improving the quality of government regulation. Therefore, under the framework of the rule of law, it is extremely important to construct a multi-subject cooperation mechanism to protect personal privacy, effectively prevent and resist torts, and actively explore and construct legal regulations to prevent and control personal privacy crisis.
    Research on cyber security management of the whole life cycle of information system of Integrated sports meeting
    2020, 6(7):  664-668. 
    Asbtract ( )   PDF (1246KB) ( )  
    References | Related Articles | Metrics
    The information system is an important part of the Integrated sports meeting to improve the quality and effectiveness of the games. This article analyzes the present situation and characteristics of the information system of the Integrated sports meeting,and put forward information system whole life cycle cyber security management , using IPDRR (inventory - protection - testing - response - recovery) architecture, make the information system of games overall compliance and security.