In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from in...In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud.In this paper,we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing.We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption.Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content.The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users,and also enables the license server to implement immediate attribute and user revocation.Moreover,our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption,which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext.Extensive analytical results indicate that our proposed scheme is secure and efficient.展开更多
The purpose of this study was to explore the water usage profile of future Vietnamese households by carrying out a controlled living experiment with Vietnamese high-income households. By studying showering time, flow ...The purpose of this study was to explore the water usage profile of future Vietnamese households by carrying out a controlled living experiment with Vietnamese high-income households. By studying showering time, flow rate and toilet-use frequency of these households, the study revealed the water usage believed to be representative of future households in light of continued urbanization. This study also determined that the average time of showering was 9.7 minutes per person per day with an average flow rate of 12 L/minute for the existing shower head and 6.6 L/minute for the water-saving shower head. Toilet usage frequency was 5.25 times per person per day, and there was no difference with the results for an average (middle-income) household.展开更多
The past decade has seen the rapid development of data in many areas.Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation.However,indivi...The past decade has seen the rapid development of data in many areas.Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation.However,individuals are becoming increasingly concerned about data misuse and leaks.To address these issues,in this paper,we propose TrustControl,a trusted data usage control system to control,process,and protect data usage without revealing privacy.A trusted execution environment(TEE)is exploited to process confidential user data.First of all,we design a secure and reliable remote attestation mechanism for ARM TrustZone,which can verify the security of the TEE platform and function code,thus guaranteeing data processing security.Secondly,to address the security problem that the raw data may be misused,we design a remote dynamic code injection method to regulate that data can only be processed for the expected purpose.Our solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and leakage.Furthermore,we implement the prototype system of TrustControl on TrustZone-enabled hardware.Real-world experiment results demonstrate that the proposed Trust-Control is secure and the performance overhead of introducing our prototype system is very low.展开更多
Access and usage control is a major challenge in information and computer security in a distributed network connected environment. Many models have been proposed such as traditional access control and UCONABC. Though ...Access and usage control is a major challenge in information and computer security in a distributed network connected environment. Many models have been proposed such as traditional access control and UCONABC. Though these models have achieved their objectives in some areas, there are some issues both have not dealt with. The issue of what happens to a resource once it has been accessed rightfully. In view of this, this paper comes out with how to control resource usage by a concept known as the package concept. This concept can be implemented both with internet connection and without the internet connection to ensure continual control of resource. It packages the various types of resources with the required policies and obligations that pertain to the use of these different resources. The package concept of ensuring usage control focuses on resource by classifying them into three: Intellectual, sensitive and non-sensitive resources. Also this concept classifies access or right into three as: access to purchase, access to use temporally online and access to modify. The concept also uses biometric mechanism such as fingerprints for authentication to check redistribution of resource and a logic bomb to help ensure the fulfillment of obligations.展开更多
Introduction: The present work was devoted to assess the awareness and usage of quality control tools with the emphasis on statistical process control in Ethiopian manufacturing industries. Semi structured questionnai...Introduction: The present work was devoted to assess the awareness and usage of quality control tools with the emphasis on statistical process control in Ethiopian manufacturing industries. Semi structured questionnaire has been employed to executive and technical managers of manufacturing industries of various size and specialism across the country. Stratified random sample method by region was used to select sample industries for the study. The samples used for this study are industries mainly from Oromiya, Addis Ababa, Tigray, Amara, SNNP and Diredawa regions proportional to their size of the available industries. Methods: Exploratory method and descriptive statistics was used for data analysis. Available documents and reports related to quality control policy of the selected companies were investigated. Results and Discussions: The number of manufacturing industries involved in this study was 44. Of the sampled manufacturing industries about 60% are from Oromiya and Addis Ababa regions. It has been reported that 100% of the respondents said that the importance of quality control tools is very important to their organizations’ productivity and quality improvement (Figure 3). Quality control professionals were also asked the extent to which quality control system is working in their industry and majority of the respondents (45%) have indicated that quality control system is working to some extent in their respective industries (Figure 18). Conclusions and Recommendations: Most of the quality department of the industries did not fully recognize the importance of statistical process control as quality control tools. This is mainly due to lack of awareness and motivation of the top managements, shortage of man power in the area, and others together would make it difficult to apply quality control tools in their organization. In general, the industries in Ethiopia are deficient in vigor and found to be stagnant hence less exposed to a highly competitive market and don’t adopt the latest quality control techniques in order to gain knowledge about systems to improve quality and operational performance. We conclude that quality management system has to be established as an independent entity with a real power and hence the quality control department which is responsible for quality can make an irreversible decision with respect to quality of any given product. Moreover, the concerned bodies (government and ministry of industries) should give attention and work together with universities to ensure how these statistical process control techniques could be incorporated in a curriculum of the universities at higher levels in degree and masters programs. Furthermore, different trainings which could improve quality and efficiency of their respective management system should be given as short and long term to the employees including top and middle managers found in various industries relevant to their process.展开更多
This paper presents the principle of the fuzzy associate memory controlled leaky bucket (FAMLB) and several concepts for Usage Parameter Control (UPC) in ATM networks. The multiplex weight and random fuzzy rules adjus...This paper presents the principle of the fuzzy associate memory controlled leaky bucket (FAMLB) and several concepts for Usage Parameter Control (UPC) in ATM networks. The multiplex weight and random fuzzy rules adjustment method in the system architecture are introduced. The conclusions show that the FAMLB is a better dynamic method of UPC than the traditional ones.展开更多
In hearing physiological experiments and clinic tests,we need not only a signal processing system,but also a synchronous sound stimulator’ Most of stimulators we are now using are function generators which are indepe...In hearing physiological experiments and clinic tests,we need not only a signal processing system,but also a synchronous sound stimulator’ Most of stimulators we are now using are function generators which are independent to processing units,and can be controlled only by hand. Although some of them have ports through which they can be controlled by computer,but as they are designed for industrial aims,not for hearing research,most of them can’t generate the special waveforms we need. We use the TDT signal processing system and develop a software package have both usage. On the interface of the program we can control the sampling parameters and generate stimulating waveforms’展开更多
Most cloud services are built with multi-tenancy which enables data and configuration segregation upon shared infrastructures.It offers tremendous advantages for enterprises and service providers.It is anticipated tha...Most cloud services are built with multi-tenancy which enables data and configuration segregation upon shared infrastructures.It offers tremendous advantages for enterprises and service providers.It is anticipated that this situation will evolve to foster cross-tenant collaboration supported by Authorization as a service.To realize access control in a multi-tenant cloud computing environment,this study proposes a multi-tenant cloud computing access control model based on the traditional usage access control model by building trust relations among tenants.The model consists of three sub-models,which achieve trust relationships between tenants with different granularities and satisfy the requirements of different application scenarios.With an established trust relation in MT-UCON(Multi-tenant Usage Access Control),the trustee can precisely authorize cross-tenant accesses to the trustor’s resources consistent with constraints over the trust relation and other components designated by the trustor.In addition,the security of the model is analyzed by an information flow method.The model adapts to the characteristics of a dynamic and open multi-tenant cloud computing environment and achieves fine-grained access control within and between tenants.展开更多
Due to inherent heterogeneity, multi-domain characteristic and highly dynamic nature, authorization is a critical concern in grid computing. This paper proposes a general authorization and access control architecture,...Due to inherent heterogeneity, multi-domain characteristic and highly dynamic nature, authorization is a critical concern in grid computing. This paper proposes a general authorization and access control architecture, grid usage control (GUCON), for grid computing. It's based on the next generation access control mechanism usage control (UCON) model. The GUCON Framework dynamic grants and adapts permission to the subject based on a set of contextual information collected from the system environments; while retaining the authorization by evaluating access requests based on subject attributes, object attributes and requests. In general, GUCON model provides very flexible approaches to adapt the dynamically security request. GUCON model is being implemented in our experiment prototype.展开更多
多跑道机场飞行区运行效率低下会导致空域-跑道系统容流供需失衡,进而造成终端区空域交通拥堵、航班延误现象频发。为提升多跑道机场终端区运行效率,借助全空域与机场模型软件(total airspace and airport modeler,TAAM)建立空域仿真模...多跑道机场飞行区运行效率低下会导致空域-跑道系统容流供需失衡,进而造成终端区空域交通拥堵、航班延误现象频发。为提升多跑道机场终端区运行效率,借助全空域与机场模型软件(total airspace and airport modeler,TAAM)建立空域仿真模型,针对不同运行模式动态转换下对终端区交通流走向、扇区开合等空域时空特性的影响进行分析,提出1种考虑不同运行时段内终端区机场走廊口流量配比和进离港流量分布的动态多跑道使用策略优化方法。首先,使用TAAM综合考虑不同跑道运行模式下各扇区内航班流量、高度变更、移交协调及冲突解脱对管制负荷的影响,拟合得出不同跑道运行模式下基于当量航空器架次的各扇区管制负荷函数。以终端区内航班平均飞行时间、平均延误时间及管制员工作负荷为优化目标,建立了跑道使用策略优化模型。设计了1种基于航空器基本性能数据库(the base aircraft data,BADA)的多目标非支配排序遗传算法(NSGA-Ⅱ),并结合机场实际运行条件在无运行限制、运行方向限制、运行模式限制等5种场景下进行仿真计算。对各场景Pareto最优解集进行评价得出不同场景下最优跑道使用策略,并使用TAAM进行仿真对比验证。结果表明:无运行限制和运行方向限制相较于单一跑道运行模式的航班服务效率提升10.15%,5.01%;管制员工作负荷减少3.91%,3.4%;延误时间减少28.86%,19.46%。展开更多
在使用控制(usage control,UCON)核心模型UCONABC(usage control authorizations,obligations,conditions)中引入委托机制,对委托的粒度、深度、广度以及授权回收等问题进行研究,并通过划分主体属性,建立属性与权利的对应关系等方式,设...在使用控制(usage control,UCON)核心模型UCONABC(usage control authorizations,obligations,conditions)中引入委托机制,对委托的粒度、深度、广度以及授权回收等问题进行研究,并通过划分主体属性,建立属性与权利的对应关系等方式,设计了新的带有委托授权特征的UCONABC模型,并给出两个具有委托授权特征的UCONABC子模型的形式化描述,最后,通过委托授权模型在数字资源访问控制中的一个应用实例,验证带有委托授权特征的UCONABC模型的有效性,并以此体现对于开放式环境中基于属主的委托授权问题的研究意义.展开更多
基金ACKNOWLEDGEMENTS This work has been supported by the National Natural Science Foundation of China under Grant No. 61272519, 61121061.
文摘In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud.In this paper,we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing.We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption.Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content.The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users,and also enables the license server to implement immediate attribute and user revocation.Moreover,our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption,which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext.Extensive analytical results indicate that our proposed scheme is secure and efficient.
文摘The purpose of this study was to explore the water usage profile of future Vietnamese households by carrying out a controlled living experiment with Vietnamese high-income households. By studying showering time, flow rate and toilet-use frequency of these households, the study revealed the water usage believed to be representative of future households in light of continued urbanization. This study also determined that the average time of showering was 9.7 minutes per person per day with an average flow rate of 12 L/minute for the existing shower head and 6.6 L/minute for the water-saving shower head. Toilet usage frequency was 5.25 times per person per day, and there was no difference with the results for an average (middle-income) household.
基金This work was supported by the National Key R&D Program of China(No.2021YFB2700601)Research Project of Hainan University(No.HD-KYH-2021240)+2 种基金Finance Science and Technology Project of Hainan Province(No.ZDKJ2020009 and ZDKJ2020012)National Natural Science Foundation of China(No.62163011,62162022 and 62162024)Key Projects in Hainan Province(No.ZDYF2021GXJS003 and ZDYF2020040).
文摘The past decade has seen the rapid development of data in many areas.Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation.However,individuals are becoming increasingly concerned about data misuse and leaks.To address these issues,in this paper,we propose TrustControl,a trusted data usage control system to control,process,and protect data usage without revealing privacy.A trusted execution environment(TEE)is exploited to process confidential user data.First of all,we design a secure and reliable remote attestation mechanism for ARM TrustZone,which can verify the security of the TEE platform and function code,thus guaranteeing data processing security.Secondly,to address the security problem that the raw data may be misused,we design a remote dynamic code injection method to regulate that data can only be processed for the expected purpose.Our solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and leakage.Furthermore,we implement the prototype system of TrustControl on TrustZone-enabled hardware.Real-world experiment results demonstrate that the proposed Trust-Control is secure and the performance overhead of introducing our prototype system is very low.
文摘Access and usage control is a major challenge in information and computer security in a distributed network connected environment. Many models have been proposed such as traditional access control and UCONABC. Though these models have achieved their objectives in some areas, there are some issues both have not dealt with. The issue of what happens to a resource once it has been accessed rightfully. In view of this, this paper comes out with how to control resource usage by a concept known as the package concept. This concept can be implemented both with internet connection and without the internet connection to ensure continual control of resource. It packages the various types of resources with the required policies and obligations that pertain to the use of these different resources. The package concept of ensuring usage control focuses on resource by classifying them into three: Intellectual, sensitive and non-sensitive resources. Also this concept classifies access or right into three as: access to purchase, access to use temporally online and access to modify. The concept also uses biometric mechanism such as fingerprints for authentication to check redistribution of resource and a logic bomb to help ensure the fulfillment of obligations.
文摘Introduction: The present work was devoted to assess the awareness and usage of quality control tools with the emphasis on statistical process control in Ethiopian manufacturing industries. Semi structured questionnaire has been employed to executive and technical managers of manufacturing industries of various size and specialism across the country. Stratified random sample method by region was used to select sample industries for the study. The samples used for this study are industries mainly from Oromiya, Addis Ababa, Tigray, Amara, SNNP and Diredawa regions proportional to their size of the available industries. Methods: Exploratory method and descriptive statistics was used for data analysis. Available documents and reports related to quality control policy of the selected companies were investigated. Results and Discussions: The number of manufacturing industries involved in this study was 44. Of the sampled manufacturing industries about 60% are from Oromiya and Addis Ababa regions. It has been reported that 100% of the respondents said that the importance of quality control tools is very important to their organizations’ productivity and quality improvement (Figure 3). Quality control professionals were also asked the extent to which quality control system is working in their industry and majority of the respondents (45%) have indicated that quality control system is working to some extent in their respective industries (Figure 18). Conclusions and Recommendations: Most of the quality department of the industries did not fully recognize the importance of statistical process control as quality control tools. This is mainly due to lack of awareness and motivation of the top managements, shortage of man power in the area, and others together would make it difficult to apply quality control tools in their organization. In general, the industries in Ethiopia are deficient in vigor and found to be stagnant hence less exposed to a highly competitive market and don’t adopt the latest quality control techniques in order to gain knowledge about systems to improve quality and operational performance. We conclude that quality management system has to be established as an independent entity with a real power and hence the quality control department which is responsible for quality can make an irreversible decision with respect to quality of any given product. Moreover, the concerned bodies (government and ministry of industries) should give attention and work together with universities to ensure how these statistical process control techniques could be incorporated in a curriculum of the universities at higher levels in degree and masters programs. Furthermore, different trainings which could improve quality and efficiency of their respective management system should be given as short and long term to the employees including top and middle managers found in various industries relevant to their process.
文摘This paper presents the principle of the fuzzy associate memory controlled leaky bucket (FAMLB) and several concepts for Usage Parameter Control (UPC) in ATM networks. The multiplex weight and random fuzzy rules adjustment method in the system architecture are introduced. The conclusions show that the FAMLB is a better dynamic method of UPC than the traditional ones.
基金Acknowledgements: This work is supported by National Natural Science Foundation of China (No. 60773118), National High Tech. Development Plan (No. 2006AA01A109) and Program for Changjiang Scholars and Innovative Research Team in University.
文摘In hearing physiological experiments and clinic tests,we need not only a signal processing system,but also a synchronous sound stimulator’ Most of stimulators we are now using are function generators which are independent to processing units,and can be controlled only by hand. Although some of them have ports through which they can be controlled by computer,but as they are designed for industrial aims,not for hearing research,most of them can’t generate the special waveforms we need. We use the TDT signal processing system and develop a software package have both usage. On the interface of the program we can control the sampling parameters and generate stimulating waveforms’
文摘Most cloud services are built with multi-tenancy which enables data and configuration segregation upon shared infrastructures.It offers tremendous advantages for enterprises and service providers.It is anticipated that this situation will evolve to foster cross-tenant collaboration supported by Authorization as a service.To realize access control in a multi-tenant cloud computing environment,this study proposes a multi-tenant cloud computing access control model based on the traditional usage access control model by building trust relations among tenants.The model consists of three sub-models,which achieve trust relationships between tenants with different granularities and satisfy the requirements of different application scenarios.With an established trust relation in MT-UCON(Multi-tenant Usage Access Control),the trustee can precisely authorize cross-tenant accesses to the trustor’s resources consistent with constraints over the trust relation and other components designated by the trustor.In addition,the security of the model is analyzed by an information flow method.The model adapts to the characteristics of a dynamic and open multi-tenant cloud computing environment and achieves fine-grained access control within and between tenants.
基金Supported by the National Natural Science Foun-dation of China (60403027)
文摘Due to inherent heterogeneity, multi-domain characteristic and highly dynamic nature, authorization is a critical concern in grid computing. This paper proposes a general authorization and access control architecture, grid usage control (GUCON), for grid computing. It's based on the next generation access control mechanism usage control (UCON) model. The GUCON Framework dynamic grants and adapts permission to the subject based on a set of contextual information collected from the system environments; while retaining the authorization by evaluating access requests based on subject attributes, object attributes and requests. In general, GUCON model provides very flexible approaches to adapt the dynamically security request. GUCON model is being implemented in our experiment prototype.
文摘多跑道机场飞行区运行效率低下会导致空域-跑道系统容流供需失衡,进而造成终端区空域交通拥堵、航班延误现象频发。为提升多跑道机场终端区运行效率,借助全空域与机场模型软件(total airspace and airport modeler,TAAM)建立空域仿真模型,针对不同运行模式动态转换下对终端区交通流走向、扇区开合等空域时空特性的影响进行分析,提出1种考虑不同运行时段内终端区机场走廊口流量配比和进离港流量分布的动态多跑道使用策略优化方法。首先,使用TAAM综合考虑不同跑道运行模式下各扇区内航班流量、高度变更、移交协调及冲突解脱对管制负荷的影响,拟合得出不同跑道运行模式下基于当量航空器架次的各扇区管制负荷函数。以终端区内航班平均飞行时间、平均延误时间及管制员工作负荷为优化目标,建立了跑道使用策略优化模型。设计了1种基于航空器基本性能数据库(the base aircraft data,BADA)的多目标非支配排序遗传算法(NSGA-Ⅱ),并结合机场实际运行条件在无运行限制、运行方向限制、运行模式限制等5种场景下进行仿真计算。对各场景Pareto最优解集进行评价得出不同场景下最优跑道使用策略,并使用TAAM进行仿真对比验证。结果表明:无运行限制和运行方向限制相较于单一跑道运行模式的航班服务效率提升10.15%,5.01%;管制员工作负荷减少3.91%,3.4%;延误时间减少28.86%,19.46%。
文摘在使用控制(usage control,UCON)核心模型UCONABC(usage control authorizations,obligations,conditions)中引入委托机制,对委托的粒度、深度、广度以及授权回收等问题进行研究,并通过划分主体属性,建立属性与权利的对应关系等方式,设计了新的带有委托授权特征的UCONABC模型,并给出两个具有委托授权特征的UCONABC子模型的形式化描述,最后,通过委托授权模型在数字资源访问控制中的一个应用实例,验证带有委托授权特征的UCONABC模型的有效性,并以此体现对于开放式环境中基于属主的委托授权问题的研究意义.
