Table of Content

02 September 2022, Volume 8 Issue 9

Previous Issue    Next Issue

Digital Identity Construction in Various Countries and Development  Path of TDI in China

2022, 8(9):  858. 

Asbtract ( )   PDF (771KB) ( )  

Related Articles | Metrics

Research on Several Issues in the Construction of Network Trusted  Identity System

2022, 8(9):  871. 

Asbtract ( )   PDF (2082KB) ( )  

References | Related Articles | Metrics

This paper works through a series of concepts related to “network identity”, extends the experience and ideas of network identity management from the ways and methods of real social identity management, analyzes the four basic stages involved in network identity life cycle management and the key problems to be solved, and puts forward the reference architecture of network trusted identity system and its system functional structure, It also puts forward relevant suggestions to promote the construction and application of network trusted identity system in China.

Research on an OAuth2.1based Unified Authentication and  Authorization Framework

2022, 8(9):  879. 

Asbtract ( )   PDF (1635KB) ( )  

References | Related Articles | Metrics

With the development of enterprise informatization, there are more and more applications within the enterprise. To make better the access control management of applications in the enterprise, and users can access all the applications which are authorized after logging in once, it is essential to establish a unified, effective and secure authentication and authorization system. On the basis of studying the OAuth2.1 protocol, the paper proposes an OAuth2.1based unified authentication and authorization framework. The framework includes three aspects: authentication, authorization, and security design. The framework includes five functional modules: userapplication authentication, OAuth2.1 authorization, userapplication data management, authority management, and security risk detection. The feasibility and safety of the framework are analyzed. The results of the research are shown that the framework better reflects the need of establishing a unified, effective, and safe authentication and authorization system within the enterprise, and the framework has a wide range of practical guiding significance and value for the rapid establishment of a unified authentication and authorization system within the enterprise.

Construction of a Trusted Authentication Platform

2022, 8(9):  888. 

Asbtract ( )   PDF (2810KB) ( )  

References | Related Articles | Metrics

Along with the development of the digital society, cyberspace and real society have been integrated to a high degree. The frequent occurrence of personal identity information leakage and cybercrime indicates that traditional identity authentication methods can no longer meet the needs of cyberspace security and identity management. Based on the identity management characteristics of China, this paper proposes a trusted identity authentication service platform with statutory identity documents as the root of trust. This platform can realize the integration of identity management online and offline, help build trusted identity management and service system in China's cyberspace, and ensure the sustained and healthy development of the digital economy.

Design and Research of Attack and Defense Platform  Based on Real Network

2022, 8(9):  895. 

Asbtract ( )   PDF (2394KB) ( )  

References | Related Articles | Metrics

Through the research and analysis of the current situation that National Cyber Range is based on simulation technology, this paper puts forward the research goal of building a set of attack and defense platform based on real network environment, and designs a set of technical architecture of real network attack and defense platform with five modules: attack and defense capability confrontation space, attack and defense confrontation security control, security situation analysis and display, command and dispatching wall chart operation and secure big data platform. This paper also expounds the application practice of the architecture, and finally improves the network security comprehensive defense ability of security personnel.

Research on Data Security Endogenous Mechanism on Complex  Adaptive Organizations

2022, 8(9):  901. 

Asbtract ( )   PDF (1865KB) ( )  

References | Related Articles | Metrics

At present，theoretical and practical studies concerning organizations pay more attention to data security governance and maturity capability building other than the endogenous mechanism of data security of complex organizations from the perspective of adaptive management of organizations. In this paper, the author pays attention to the lack of security adaptive management under the characteristics of complex and diverse organizations that may lead to resource imbalance or ineffective allocation, taking “departmental organization effective interaction” oriented by the adaptive operation and management goals of complex critical safety organizations as the main line, focus on the analysis of the influence and evaluation strategy of data security on organization adaptive evaluation, and construct effective evaluation index and reintervene index system of data security and effective function. The work of this paper is beneficial to improve the adaptive learning ability under data security underlying logic, and then promote effective innovation of organization adaptive safety management style under data security regulatory environment at home and abroad.

Research on User Viewpoint Positioning Method in Microblog Screenshots

2022, 8(9):  908. 

Asbtract ( )   PDF (3822KB) ( )  

Related Articles | Metrics

The rapid development of the Internet provides great convenience to people’s life, but it also provides a breeding ground and convenience for the spread of harmful thoughts. Network screenshots have become a new means of information transmission, the acquisition of user viewpoint usually requires text recognition first, and then uses natural language processing for data cleaning. However, some key information may be lost in the process of language processing, resulting in data distortion. Combined with the background of information security, this paper proposes a method to locate the user viewpoint in microblog screenshots by looking for specific text areas in text images. Firstly, transfer learning of the character region perception model is performed to enhance its generalization ability on the target task, and the character level positioning of the trained character region perception model is used. Then, the single character shape is analyzed by logical reasoning, and the user viewpoint text line is recognized according to the different appearance characteristics of different characters and the similar line characteristics of the characters on the same line. Finally, the logical location results are fused with the model location results. The experimental results show that the method provides a good ability to filter user viewpoint in microblog screenshots, can effectively locate user viewpoint, and achieve the purpose of obtaining specific text areas in text images.





Research on Verification of Neural Network Based on Softplus  Function by Reluplex Algorithm

2022, 8(9):  917. 

Asbtract ( )   PDF (1959KB) ( )  

References | Related Articles | Metrics

Formal verification is a method in computer science that uses mathematical logic to verify whether a system is feasible. Applying formal verification methods to the field of neural networks fully can facilitate us to study the characteristics and applications of neural networks better. Reluplex is a kind of simplex algorithm for verifying deep neural networks which uses Relu as the activation function, and neurons of Relu are fragile and may die during training. Softplus is an activation function similar to Relu but smoother than it. We improved the Reluplex algorithm to test deep neural networks which is using Softplus activation function, and then obtained experimental data results by testing robust adversarial under Softplus activation function. Through the comparison with the test results under Relu, it is confirmed that test efficiency under Softplus is significantly higher than that of Relu, which is more balanced than Relu so that the neural network can learn faster. This study expands the functions of the neural network verification algorithm and conducts a corresponding comparative analysis, which is beneficial to better verify and improve deep neural networks to ensure its security in the future.





Information System Risk Assessment Based on Improved D-S Evidence Theory

2022, 8(9):  925. 

Asbtract ( )   PDF (929KB) ( )  

References | Related Articles | Metrics

In view of the characteristics of incomplete data, strong randomness and fuzziness of risk items in the information security system, this paper proposes the method of “concentration rate” on the basis of the previous risk assessment model which is based on DS evidence theory, and effectively deals with the evidence conflicts among risk items. Then, the improved Dempster's evidence combination rule is used to synthesize the risk items, which reduces the uncertainty in the security risk assessment of the whole system. Finally, an example analysis of the hierarchical model of information system security risk assessment is given to verify the method proposed in this paper. The example shows that the improved method proposed in this paper is feasible and effective.

Promotion and Regulation Path of Personal Financial Information  Cross-border Flow in China

2022, 8(9):  931. 

Asbtract ( )   PDF (1203KB) ( )  

Related Articles | Metrics

The vigorous development of the digital economy has generated a huge demand for the crossborder flow of personal financial information. The crossborder flow of personal financial information has become a prospective research field of cyberspace security. There is an urgent need to clarify the path for the scientific promotion and reasonable regulation of the crossborder flow of personal financial information. Through analysis of the particularity of personal financial information, the risk of crossborder transmission of information as well as the relevant laws and regulations, this paper summarizes the difficulties of the regulation of the crossborder flow of personal financial information in China in three respects. Then, based on the extraction of key points of the difficulties with the dual attributes of personal financial information and the crossjurisdictional characteristic of crossborder data flow, the promotion and regulation path of the crossborder flow of personal financial information is proposed in the context of deepening financial marketoriented reform and financial openingup. The conclusion is that China should balance multiple legal interests in promoting and regulating the crossborder flow of personal financial information. Furthermore, it is needed to promote the coordination of “financial supervision”, “localization of personal financial information”, “interregional treaties and agreements” and the rules of crossborder flow of personal financial information.

Automatic Analysis and Reproduction Technology of Remote Code  Execution Vulnerability Based on Grid System

2022, 8(9):  939. 

Asbtract ( )   PDF (1311KB) ( )  

References | Related Articles | Metrics

Remote code execution vulnerability is one of the most harmful vulnerabilities in industrial network security attacks and defense, which can directly control the target power grid system. After an attack, it is difficult to analyze the memory corruption type vulnerability, because the attacker may use address space randomization bypass during such vulnerability exploitation. Aiming at the circumvention of address space randomization in binary remote code execution vulnerability, this paper designs and implements an automatic analysis and utilization tool based on traffic, which can analyze and reproduce execution vulnerability. The shadow service technology is proposed to establish the same shadow service as the target service environment in a completely controllable environment. On this basis, a synchronous processing technique is proposed to deal with the recorded attack traffic. The results show that defenders can use this tool to quickly perform vulnerability investigations against remote code targeting native services, thus preventing similar exploits from being used again.

Analysis on Development of Newtype Smart City Cyber Security

2022, 8(9):  947. 

Asbtract ( )   PDF (831KB) ( )  

References | Related Articles | Metrics

The newtype smart city is a new concept and new path to promote the modernization of city governance system and governance capacity, enhance  the happiness and satisfaction of urban residents. It is also an important carrier for the construction of Internet power and the development of digital economy. In recent years, with the rapid development of newtype smart cities, security problems such as attacks on urban information infrastructure, sensitive data breaches and illegal use have become increasingly prominent, bringing severe challenges to the highquality development of newtype smart cities. In this paper, the network security risks faced by newtype smart cities and the key development directions in the future are analyzed and judged, and countermeasures and suggestions are proposed to promote the highlevel development of network security in newtype smart cities.