Funding: This work was supported by the Research Funds of the Information Security Key Laboratory of Beijing Electronic Science & Technology Institute, the National Natural Science Foundation of China (No. 61070219), and the Building Together Specific Project from the Beijing Municipal Education Commission.
Abstract: To solve the problem that the existing direct anonymous attestation (DAA) scheme cannot operate effectively across different domains, a novel direct anonymous attestation protocol for multi-domain environments is proposed and designed on the basis of the original DAA scheme. In it, the certificate issuer located outside the domain can be considered a proxy server that issues the DAA certificate to valid member nodes directly. The designed mechanism accords with the present Trusted Computing Group (TCG) international specification and can efficiently solve the problems of practical authentication and privacy information protection between different trusted domains. Compared with the present DAA scheme, in our protocol anonymity and unforgeability can be guaranteed, and replay attacks can also be avoided. It has important reference and practical application value in the trusted computing field.
Abstract: Delay/Disruption-Tolerant Networking (DTN) originated from research on the Interplanetary Internet, and space applications are still today its most important application field and research stimulus. This paper investigates DTN communications between the Earth and the far side of the Moon, by means of a lunar orbiter acting as a relay. After an introductory part, the paper presents a comprehensive analysis of the DTN performance that can be achieved in the identified communication scenario. The focus is on evaluating the state-of-the-art ability of Interplanetary Overlay Network (ION), the NASA DTN implementation of Bundle Protocol (BP) and Contact Graph Routing (CGR), to meet the many challenges of the space communication scenario investigated (and more generally of a future interplanetary Internet): intermittent links, network partitioning, scarce bandwidth, long delays, dynamic routing, handling of high-priority and emergency traffic, and interoperability issues. A study of security threats and Bundle Security Protocol (BSP) countermeasures completes the work. The many results provided confirm the essential role of DTN in future space communications.
Funding: This work is supported by the National Natural Science Foundation of China under contract 60902008.
Abstract: The Denial of Service (DoS) attack, especially the Distributed Denial of Service (DDoS) attack, is one of the greatest threats to the Internet. Much research has been done on it by now; however, that research has always concentrated on the behavior of the network and cannot deal with the problem exactly. In this paper, we start from the security of the protocol and propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the concept of a weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the concept of the DoS-stop protocol, and finally we propose two kinds of DoS test model and establish the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied to two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from DoS attacks, and that the efficient DoS-resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.