Funding: Supported by the National Natural Science Foundation of China (90104005, 60373087, 60473023) and the Network and Information Security Key Laboratory Program of Ministry of Education of China
Abstract: In the Trusted Computing Group (TCG) definition, the chain of trust in the bootstrap process is the basis of trust for the whole system. This paper presents the design and implementation of a bootstrap trust chain for a PC based on Windows and today's commodity hardware, depending only on the availability of an embedded security module (ESM). The ESM and a security-enhanced BIOS form the root of trust; PMBR (Pre-MBR), a checking agent stored in the ESM, checks the integrity of the boot data and the Windows kernel. Finally, the paper analyzes the mathematical expression of the chain of trust and compares the runtime performance with that of the common booting process. The trust chain bootstrap greatly strengthens the security of the personal computer system and affects runtime performance only by adding about 12% to the booting time.
Abstract: This paper proposes a C/S system model for K-Java and PDA named Net-Wireless. It is a discussion and proposal on information security and solutions for R-Java handsets and PDAs in wireless networks. It also explains the scheme between the client security module and the server security module. In addition, we have developed a Security Server and a K-Java encryption module for e-commerce systems and other trade systems.
Funding: The research work was supported by UTP-Universitas Telkom, Indonesia International Collaborative Research Funding (ICRF) 015ME0-153 and Center for Graduate Studies (CGS), Universiti Teknologi PETRONAS (UTP), Perak, Malaysia.
Abstract: Cloud computing has gained significant use over the last decade due to its several benefits, including cost savings associated with setup, deployments, delivery, physical resource sharing across virtual machines, and availability of on-demand cloud services. However, in addition to the usual threats in almost every computing environment, cloud computing has also introduced a set of new threats, as consumers share physical resources under the physical co-location paradigm. Furthermore, since there are a growing number of attacks directed at cloud environments (including dictionary attacks, replay code attacks, denial of service attacks, rootkit attacks, code injection attacks, etc.), customers require additional assurances before adopting cloud services. Moreover, the continuous integration and continuous deployment of code fragments have made cloud services more prone to security breaches. In this study, a model based on the root of trust for continuous integration and continuous deployment is proposed, instead of relying only on a single sign-on authentication method that typically uses only an ID and password. The study opted for a hardware security module by utilizing the Trusted Platform Module (TPM), which is commonly available as a cryptoprocessor on the motherboards of personal computers and data center servers. The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for the continuous integration and continuous deployment pipeline, and can additionally be integrated as a secure microservice feature in the cloud computing environment.
Abstract: The all optical network (AON) is a hot topic in recent studies of optical fiber communications. Key techniques in AON include optical switching/routing, optical cross connection (OXC), all optical wavelength conversion (AOWC), all optical buffering, etc. Optical switching/routing is in fact wavelength switching/routing. OXC and wavelength conversion (WC) are introduced into cross nodes so that a virtual wavelength path is established. With WC, a communication route is formed only if there is an unused wavelength in an individual segment link. The rate of wavelength usage is thus greatly increased. The blocking rate of a network can be reduced by adding WCs, especially for huge-capacity, multiple-node networks. Therefore, WC has attracted much attention in basic research on optical communication and is used in some experimental networks. This dissertation studies all optical wavelength conversion and its application, with contributions in the following five aspects.