Multicloud access control is important for resource sharing and security interoperability across different clouds,and heterogeneity of access control policy is an important challenge for cloud mashups.XACML is widely ...Multicloud access control is important for resource sharing and security interoperability across different clouds,and heterogeneity of access control policy is an important challenge for cloud mashups.XACML is widely used in distributed environment as a declaratively fine-grained,attribute-based access control policy language,but the policy integration of XACML lacks formal description and theory foundation.Multicloud Access Control Policy Integration Framework(MACPIF)is proposed in the paper,which consists of Attribute-based Policy Evaluation Model(ABPEM),Four-value Logic with Completeness(FLC)and Four-value Logic based Policy Integration Operators(FLPIOs).ABPEM evaluates access control policy and extends XACML decision to four-value.According to policy decision set and policy integration characteristics,we construct FLC and define FLPIOs including Intersection,Union,Difference,Implication and Equivalence.We prove that MACPIF can achieve policy monotonicity,functional completeness,canonical suitability and canonical completeness.Analysis results show that this framework can meet the requirements of policy integration in Multicloud.展开更多
In the era of big data,the conflict between data mining and data privacy protection is increasing day by day.Traditional information security focuses on protecting the security of attribute values without semantic ass...In the era of big data,the conflict between data mining and data privacy protection is increasing day by day.Traditional information security focuses on protecting the security of attribute values without semantic association.The data privacy of big data is mainly reflected in the effective use of data without exposing the user’s sensitive information.Considering the semantic association,reasonable security access for privacy protect is required.Semi-structured and self-descriptive XML(eXtensible Markup Language)has become a common form of data organization for database management in big data environments.Based on the semantic integration nature of XML data,this paper proposes a data access control model for individual users.Through the semantic dependency between data and the integration process from bottom to top,the global visual range of inverted XML structure is realized.Experimental results show that the model effectively protects the privacy and has high access efficiency.展开更多
Global navigation satellite system has been widely used,but it is vulnerable to jamming.In military satellite communications,frequency hopping(FH)signal is usually used for anti-jamming communications.If the FH signal...Global navigation satellite system has been widely used,but it is vulnerable to jamming.In military satellite communications,frequency hopping(FH)signal is usually used for anti-jamming communications.If the FH signal can be used in satellite navigation,the anti-jamming ability of satellite navigation can be improved.Although a recently proposed timefrequency matrix ranging method(TFMR)can use FH signals to realize pseudorange measurement,it cannot transmit navigation messages using the ranging signal which is crucial for satellite navigation.In this article,we propose dual-tone binary frequency shift keyingbased TFMR(DBFSK-TFMR).DBFSK-TFMR designs an extended time-frequency matrix(ETFM)and its generation algorithm,which can use the frequency differences in different dual-tone signals in ETFM to modulate data and eliminate the negative impact of data modulation on pseudorange measurement.Using ETFM,DBFSK-TFMR not only realizes the navigation message transmission but also ensures the precision and unambiguous measurement range of pseudorange measurement.DBFSK-TFMR can be used as an integrated solution for anti-jamming communication and navigation based on FH signals.Simulation results show that DBFSK-TFMR has almost the same ranging performance as TFMR.展开更多
Integer overflow is a common vulnerability in Ethereum Smart Contracts(ESCs)and often causes huge economic losses.Smart contracts cannot be changed once it is deployed on the blockchain and thus demand further testing...Integer overflow is a common vulnerability in Ethereum Smart Contracts(ESCs)and often causes huge economic losses.Smart contracts cannot be changed once it is deployed on the blockchain and thus demand further testing.Mutation testing is a fault-based testing method that can effectively improve the sufficiency of a test for smart contracts.However,existing methods cannot efficiently perform mutation testing specifically for integer overflow in ESCs.Therefore,by analyzing integer overflow in ESCs,we propose five special mutation operators to address such vulnerability in terms of detecting sufficiency in ESC testing.An empirical study on 40 open-source ESCs is conducted to evaluate the effectiveness of the proposed mutation operators.Results show that(1)our proposed mutation operators can reproduce all 179 integer overflow vulnerabilities in 40 smart contracts,and the generated mutants have high compilation pass rate and integer overflow vulnerability generation rate;moreover,(2)the generated mutants can find the shortcomings of existing testing methods for integer overflow vulnerability,thereby providing effective support to improve the sufficiency of the test.展开更多
Software Defect Prediction(SDP) technology is an effective tool for improving software system quality that has attracted much attention in recent years.However,the prediction of cross-project data remains a challenge ...Software Defect Prediction(SDP) technology is an effective tool for improving software system quality that has attracted much attention in recent years.However,the prediction of cross-project data remains a challenge for the traditional SDP method due to the different distributions of the training and testing datasets.Another major difficulty is the class imbalance issue that must be addressed in Cross-Project Defect Prediction(CPDP).In this work,we propose a transfer-leaning algorithm(TSboostDF) that considers both knowledge transfer and class imbalance for CPDP.The experimental results demonstrate that the performance achieved by TSboostDF is better than those of existing CPDP methods.展开更多
基金supported by National Key R&D Program of China (2017YFB0802900)NUPTSF (No. NY219004)
文摘Multicloud access control is important for resource sharing and security interoperability across different clouds,and heterogeneity of access control policy is an important challenge for cloud mashups.XACML is widely used in distributed environment as a declaratively fine-grained,attribute-based access control policy language,but the policy integration of XACML lacks formal description and theory foundation.Multicloud Access Control Policy Integration Framework(MACPIF)is proposed in the paper,which consists of Attribute-based Policy Evaluation Model(ABPEM),Four-value Logic with Completeness(FLC)and Four-value Logic based Policy Integration Operators(FLPIOs).ABPEM evaluates access control policy and extends XACML decision to four-value.According to policy decision set and policy integration characteristics,we construct FLC and define FLPIOs including Intersection,Union,Difference,Implication and Equivalence.We prove that MACPIF can achieve policy monotonicity,functional completeness,canonical suitability and canonical completeness.Analysis results show that this framework can meet the requirements of policy integration in Multicloud.
基金This work was supported by Funding of Jiangsu Innovation Program for Graduate Education KYLX_0285,the National Natural Science Foundation of China(No.61602241)the Natural Science Foundation of Jiangsu Province(No.BK20150758)the pre-study fund of PLA University of Science and Technology.
文摘In the era of big data,the conflict between data mining and data privacy protection is increasing day by day.Traditional information security focuses on protecting the security of attribute values without semantic association.The data privacy of big data is mainly reflected in the effective use of data without exposing the user’s sensitive information.Considering the semantic association,reasonable security access for privacy protect is required.Semi-structured and self-descriptive XML(eXtensible Markup Language)has become a common form of data organization for database management in big data environments.Based on the semantic integration nature of XML data,this paper proposes a data access control model for individual users.Through the semantic dependency between data and the integration process from bottom to top,the global visual range of inverted XML structure is realized.Experimental results show that the model effectively protects the privacy and has high access efficiency.
文摘Global navigation satellite system has been widely used,but it is vulnerable to jamming.In military satellite communications,frequency hopping(FH)signal is usually used for anti-jamming communications.If the FH signal can be used in satellite navigation,the anti-jamming ability of satellite navigation can be improved.Although a recently proposed timefrequency matrix ranging method(TFMR)can use FH signals to realize pseudorange measurement,it cannot transmit navigation messages using the ranging signal which is crucial for satellite navigation.In this article,we propose dual-tone binary frequency shift keyingbased TFMR(DBFSK-TFMR).DBFSK-TFMR designs an extended time-frequency matrix(ETFM)and its generation algorithm,which can use the frequency differences in different dual-tone signals in ETFM to modulate data and eliminate the negative impact of data modulation on pseudorange measurement.Using ETFM,DBFSK-TFMR not only realizes the navigation message transmission but also ensures the precision and unambiguous measurement range of pseudorange measurement.DBFSK-TFMR can be used as an integrated solution for anti-jamming communication and navigation based on FH signals.Simulation results show that DBFSK-TFMR has almost the same ranging performance as TFMR.
基金supported by National Key R&D Program of China(No.2018YFB1403400)the National Natural Science Foundation of China(No.61702544)+1 种基金Natural Science Foundation of Jiangsu Province,China(Nos.BK20160769 and BK20141072)China Postdoctoral Science Foundation(No.2016M603031)。
文摘Integer overflow is a common vulnerability in Ethereum Smart Contracts(ESCs)and often causes huge economic losses.Smart contracts cannot be changed once it is deployed on the blockchain and thus demand further testing.Mutation testing is a fault-based testing method that can effectively improve the sufficiency of a test for smart contracts.However,existing methods cannot efficiently perform mutation testing specifically for integer overflow in ESCs.Therefore,by analyzing integer overflow in ESCs,we propose five special mutation operators to address such vulnerability in terms of detecting sufficiency in ESC testing.An empirical study on 40 open-source ESCs is conducted to evaluate the effectiveness of the proposed mutation operators.Results show that(1)our proposed mutation operators can reproduce all 179 integer overflow vulnerabilities in 40 smart contracts,and the generated mutants have high compilation pass rate and integer overflow vulnerability generation rate;moreover,(2)the generated mutants can find the shortcomings of existing testing methods for integer overflow vulnerability,thereby providing effective support to improve the sufficiency of the test.
基金supported by the Army Weapons and Equipment Internal Research (No. LJ20191C080690)。
文摘Software Defect Prediction(SDP) technology is an effective tool for improving software system quality that has attracted much attention in recent years.However,the prediction of cross-project data remains a challenge for the traditional SDP method due to the different distributions of the training and testing datasets.Another major difficulty is the class imbalance issue that must be addressed in Cross-Project Defect Prediction(CPDP).In this work,we propose a transfer-leaning algorithm(TSboostDF) that considers both knowledge transfer and class imbalance for CPDP.The experimental results demonstrate that the performance achieved by TSboostDF is better than those of existing CPDP methods.
