Secure Flow: a totally integrated transportation security system

Secure Flow is a holistic, integrated methodology that addresses all security vectors (paths that a terrorist may take to enter a threat object into the transportation system), allowing people, baggage, and cargo to move via various transportation systems in a secure fashion, while maintaining an "ease of access" to these diverse systems through innovative technology, procedures, and training. Secure Flow is a totally integrated transportation security system. It is a strategic program with multiple integration projects each being a vector such as: checked baggage, checkpoint, cargo/mail, airport, aircraft, port terminal, and cruise ships. Secure Flow identifies requirements for the establishment of protocols, standards, communications, and development of technologies to link deployable security equipment into a totally integrated transportation security system. The objective of Secure Flow is to secure the flow of passengers, baggage, and cargo from origin to destination to meet the operationally viable needs of the future seamless US Transportation System for the traveling public.     

中国与美国证券信息披露制度的比较

证券信息披露制度是证券市场制度的重要组成部分.中国和美国由于国情以及证券发展历史背景不同等原因,在关于信息披露的具体规定方面存在较大的差异,分析比较这些差异,对规范发展我国的证券市场,具有重要的借鉴意义.     

基于5G的通导融合位置认证系统性能分析

随着无人化智能移动装备在工业、交通等安全敏感领域的普及应用,民用导航定位系统中的定位安全问题日益突出。位置认证是对终端的物理位置声明进行认证的过程,是导航定位安全技术的重要组成部分。基于第五代(5G)移动通信网络的通导融合位置认证系统具有覆盖范围广、认证精度高、用户容量大、建设运维成本低等多重优势。本文首先介绍了多基站位置认证系统的检测判决原理,提出了漏检平均距离的定义作为位置认证系统精度的量化评价指标。在此基础上,通过数值仿真分析了信号带宽、基站同步误差、信噪比对位置认证系统精度的影响,并利用5G信道模型评估了典型场景下的位置认证系统的性能。结果表明,在具备3个以上的视距基站时,基于5G的通导融合位置认证系统可以实现米级的位置认证精度。     

基于5G的通导融合位置认证系统性能分析

随着无人化智能移动装备在工业、交通等安全敏感领域的普及应用，民用导航定位系统中的定位安全问题日益突出。位置认证是对终端的物理位置声明进行认证的过程，是导航定位安全技术的重要组成部分。基于第五代(5G)移动通信网络的通导融合位置认证系统具有覆盖范围广、认证精度高、用户容量大、建设运维成本低等多重优势。本文首先介绍了多基站位置认证系统的检测判决原理，提出了漏检平均距离的定义作为位置认证系统精度的量化评价指标。在此基础上，通过数值仿真分析了信号带宽、基站同步误差、信噪比对位置认证系统精度的影响，并利用5G信道模型评估了典型场景下的位置认证系统的性能。结果表明，在具备3个以上的视距基站时，基于5G的通导融合位置认证系统可以实现米级的位置认证精度。     

Large Capacity Magnetic Bubble Memories for Government Applications

Magnetic bubble memories are an all solid-state, nonvolatile technology that offers a viable alternative to rotating electromechanical memory systems. Rotating memory systems such as magnetic disks, tapes, or drums are often not practical in government applications because of maintenance, reliability, and security problems. Bubble memories offer improvements in the required system reliability for these applications and lend themselves to a modular memory design not possible with mechanical systems. A 244 Mbit memory system is described which is general purpose in design, has a block random access architecture, and has demonstrated its high reliability.     

航天测控中心系统自主可控建设的研究与思考

着眼于我国航天测控中心系统信息安全的形势要求,对系统软硬件平台自主可控技术的应用现状进行了分析,指出了当前存在的一些安全隐患问题。立足于航天测控中心系统当前发展实际,结合信息安全方面的特殊要求,从加强自主可控的顶层设计、抓好测试验证、分层推广应用等方面提出了系统自主可控建设的思路。针对自主可控建设的长期性和复杂性,从技术继承与发展、技术引进与对外合作、系统升级与安全平稳过渡等三个方面,探讨了在自主可控建设的进程中应该处理好的几个关系问题。对于当前我国航天测控中心面临的自主可控建设有一定的借鉴意义。     

WTO背景下中国证券市场国际化

证券市场国际化是20世纪80年代以来世界金融市场的一大发展趋势,是生产国际化和资本国际化发展的必然结果,也是国际融资证券化趋势的必然要求.但是我国的证券市场国际化存在着诸多障碍,特别是我国加入WTO后更是面临严峻的挑战.然而机遇与挑战同在,我们应该抓住机遇,在坚持循序渐进地开放证券市场的原则下,大力发展我国证券市场,加速证券市场国际化.文章以我国证券市场的发展为主线,对WTO背景下我国证券市场国际化问题进行了探析.     

河南省社会保障制度的综合评价

运用纵向比较分析与横向比较分析相结合的方法,从社会保障支出水平、社会保障覆盖水平和社会保障制度运行的经济效率三个方面对河南省社会保障制度的建设水平进行了综合评价研究。河南省的社会保障制度建设虽然取得了一定进步,但与全国平均水平相比,河南省的社保支出水平仍然较低,覆盖水平也很有限。努力构建适合河南省情的,覆盖城乡全体居民的多层次、多支柱的社会保障体系,是实现河南人民建设和谐社会的关键。     

Intrusion location capability added to synergistic radar technology

There is a new trend in the outdoor security market that demands more precision in identifying the crossing area of an intruder. Often called intrusion location capability, this capability also presents inherent features such as more accuracy in camera pre-set positioning and temporary disabling of sub-zone and individual sensitivity level per sub-zone. However even though market trend demands them, such features must have minimum impact to overall system cost. How the synergistic radar technology can be modified to offer intruder location capability to a sub-zone area as precise as 10% of the total zone length is presented. For a typical zone length of 100 meters, the zone is sub-divided into up to ten equally spaced sub-zones of 10 meters each, giving an intrusion crossing point resolution of 10 meters. Synergistic radar technology can be applied to buried, surface, wall and roof applications. This intrusion location capability also applies to each of these applications     

个人诚信体系及其框架研究

个人诚信体系是信用体系的重要构成部分，对一个国家的金融和经济安全，以及促进消费增长发挥着重要作用。我国建立个人诚信体系可以扩大内需，防范和化解信用风险、金融风险，促进现代市场信用体系的完善。文章提出了我国建立个人诚信的框架体系。     

计算机网络安全及安全审计技术研究

通过对计算机安全和安全审计问题的简要分析，并结合网络系统的特点，力图较系统深入地探讨计算机网络安全及其审计技术；在此基础上，提出了一个网络安全审计模型。     

综合化航空电子系统可信软件技术

航空电子系统要求航空任务的执行具有确定性、可预测和可控性。深入分析综合化航空电子系统软件安全性、可靠性、完整性和实时性需求,提出了综合化航空电子系统软件可信性的定义。首次将可信计算引入到综合化航空电子系统中,建立综合化航空电子系统可信软件体系结构,在此基础上,提出软件可信运行环境构建方法和可靠性增强技术。这些技术能够保障综合化航空电子系统的可预测性,对保证飞机任务的执行及其安全具有重要的作用,为研制适合于中国大飞机的综合化航空电子系统可信软件奠定基础。     

基于代理的分布式入侵检测系统研究与设计

传统的入侵检测系统一般局限于单一的主机或网络架构,对异构系统及大规模网络的检测明显不足,同时不同的入侵检测系统之间不能协同工作.分布式入侵检测将会是未来的主流.本文提出了一种基于AGENT的检测系统作为在网络环境中的IDS,AGENT的灵活性保证它可以成为保障系统的安全提供混合模式的架构,重点讨论了自适应模型生成、系统的总体结构、关键部件设计、Agent管理及系统实现等问题.     

股指期货规避我国股市风险的应用分析

本文围绕股指期货的定价、套期保值及股指对冲等内容，分析利用股指期货规避系统风险的基本原理，结合我国证券市场实际情况，对更好地发挥股指期货的避险功能提出建议。     

On measurement of operational security

Ideally, a measure of the security of a system should capture quantitatively the intuitive notion of “the ability of the system to resist attack.” That is, it should be operational, reflecting the degree to which the system can be expected to remain free of security breaches under particular conditions of operation (including attack). Instead, current security levels at best merely reflect the extensiveness of safeguards introduced during the design and development of a system. Whilst we might expect a system developed to a higher level than another to exhibit “more secure behavior” in operation, this cannot be guaranteed; more particularly, we cannot infer what the actual security behavior will be from knowledge of such a level. In the paper we discuss similarities between reliability and security with the intention of working toward measures of “operational security” similar to those that we have for reliability of systems. Very informally, these measures could involve expressions such as the rate of occurrence of security breaches, or the probability that a specified “mission” can be accomplished without a security breach. This new approach is based on the analogy between system failure and security breach, but it raises several issues which invite empirical investigation. We briefly describe a pilot experiment that we have conducted to judge the feasibility of collecting data to examine these issues     

航电系统并行检测过程与检测设备解耦方法

航电系统在使用或升级改造过程中进行可靠性检测是必不可少的。特别是在当前批量航电系统大量投入使用的背景下，迫切需要能高效、快速、准确地对系统进行可靠性检测。由于航电系统安全性要求高，内置检测软件受限，需要外置检测设备通过航电系统指定接口进行检测，检测过程也不允许出现任何泄露等行为。检测设备与具体航电系统耦合，检测过程与具体检测设备耦合，难以实现批量航电系统并行检测。为此，通过引入逻辑检测设备，给出了一种航电系统并行检测分层框架，解决检测设备与被测系统耦合的问题，同时也保证了检测的安全性。通过逻辑检测设备、检测跳转机和被测主机上检测行为的描述，给出了一种面向通用航电系统并行检测的检测设备协同机制，解决检测过程与检测设备耦合的问题，从而支持多个航电系统并行检测。最后，实现了一个通用航电系统并行检测系统，并通过实际应用和实验对比验证所提方法的有效性。     

江苏省智慧旅游公共服务平台建设

大力促进智慧旅游的发展是引领我国旅游业从传统服务业向战略性支柱产业和现代服务业转型升级的必然选择,科学部署智慧旅游服务公共服务平台建设和应用,是政府推动智慧旅游更好、更快发展的重要抓手.江苏作为我国智慧旅游建设的主要示范省,正在对智慧旅游公共服务平台建设进行统筹规划,平台建设的必要性和可行性都已较为明确,重点应从制度体系、基础设施体系、综合数据库系统、共享服务系统、应用体系、服务体系、标准规范体系和信息安全与运营管理体系八个维度进行科学布局,力争智慧旅游公共服务平台成为推进江苏从旅游大省向旅游强省跃升的重要支撑力量.     

EBAA：An efficient broadcast authentication scheme for ADS-B communication based on IBS-MR

Automatic dependent surveillance-broadcast （ADS-B） systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management （ATM） systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortu- nately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery （IBS-MR）, an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters＇ private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.     

Is information security an oxymoron?

Although weaknesses have been demonstrated in some security techniques (encryption, protocols, mobile code such as Java, etc.), current security technology is quite strong in many areas. Despite this, information security has proved difficult to achieve in large modern software systems. Many problems have been reported in which supposedly secure systems have been penetrated and, in some cases, significant damage done. One problem considered is a buffer-overrun attack. The idea called a 〈wrapper〉 which is a layer of software that logically surrounds a software artifact and enhances the functionality of the artifact in some way, is then discussed. Most proposals for the use of wrappers assume that their presence is transparent to the artifact being wrapped. In other words, the artifact sees its operating environment as unchanged and the artifact does not have to be modified in i order to permit it to be wrapped. Wrappers have been proposed as an approach to dealing with deficiencies in existing systems, deficiencies in security for example. The use of shells as a feasible solution to the problem of security is also considered     

Secure wireless collection and distribution of commercial airplane health data

The introduction of wireless communication capabilities supporting transfer of sensor data and information on-board commercial airplanes as well as between airplanes and supporting ground systems has the potential to significantly improve the safety and efficiency of air travel. The benefits, however, come at the cost of information security vulnerabilities introduced by data networks. Regulatory institutions, including the FAA, are aware that security requirements for network-enabled airplanes must be fully identified. Therefore, this focuses on wireless airplane health monitoring and management, and contributes a security framework to identify threats and system requirements to mitigate these threats. We also present challenges and open problems in enabling secure use of wireless sensor networks for health monitoring and control of commercial airplanes.