Information technology security using cryptography

It is widely known that information technology applications should be secured. During the last years, special efforts have been applied to achieve a great level of security. These efforts have increased security in some aspects, such as cryptographic algorithms and authentication techniques, etc. But many other security holes have appeared in these applications, making the improvements achieved a "waste of time and money". In this paper, some of these security holes are exposed. Using security hardware modules can overcome some of these holes, if they are designed according to the applications specification.     

MRO供应链软件概述

基于性能的后勤保障(PBL)和精益维修(Lean MRO)等新的维修模式和经营策略的发展给航空维修(MRO)业带来了重大变化,使MRO业与汽车制造和制药等行业一样,可以通过供应链技术协调各供应商,进行部件的跟踪和记录保存.     

创新安检管理思路 提高安全防范能力

随着全球恐怖威胁程度的不断提高,民航面临的反恐形势也日趋严峻,如何创新安检管理思路,通过研究、探讨、建立一套行之有效的安全防范体系,将各项工作标准及要求落到实处,打造一支政治可靠、素质过硬、特别能战斗的安检队伍,提高安全防范能力,适应新形势下的安保工作要求,是一项十分紧迫而重要的任务。下面我将从安检队伍基本建设、安检工作职能变化及可持续发展三个软件方面的规划建设进行简单阐述。一、抓好基础工作建设,提高日常管理水平不断加强队伍建设,提升管理水     

3D visualization to support airport security operations

In the summer of 2000, the National Safe Skies Alliance awarded a project to the Applied Visualization Center at the University of Tennessee to develop a 3D computer tool to assist the US Federal Aviation Administration security group, now the Transportation Security Administration, in evaluating new equipment and procedures to improve airport checkpoint security. At the time of this writing, numerous detection equipment models, three specific airports, and a placement and passenger flow simulation tool for airport security planners have been developed. Similar tools have been constructed for simulating cargo/baggage inspection and other airport security operations. An extension of the original effort to consolidate the tools is currently underway.     

Changes to vascular biometric system security & performance

When considering biometrics for a Personal Identification System, different modalities can be considered. The final selection will depend on specific application requirements. From the several modalities existing nowadays, vascular systems have appeared on the scene lately. Vein-based identification is claimed to be as reliable as fingerprint or iris identification, but with the usability of hand geometry or even the face. As with any other biometric modalities, vascular solutions have to be deeply analyzed for all relevant factors that could affect their performance or the security level achieved. This will show the analysis of the performance and security achieved by a commercial vascular biometric system, when being applied in several real-world scenarios. These scenarios will cover typical office environments to the more extreme environments, such as extreme light and temperatures, as those suffered in a banking ATM, or with high humidity such as in a gym. The results will show the strengths of this modality, as well as those points where further improvements are needed.     

建立健全航空安保体系 遏制恐怖主义犯罪浪潮——“6·29”劫机事件警示

2012年6月29日发生在新疆和田的暴力劫机事件被挫败,这是继2008年成功挫败"3·7"机上纵火恐怖事件以来,我国航空安全保卫工作的又一次胜利。这不仅证明了当前我国航空安保体系是有效的,也同时给予了我们重大的警示,即中国民航正面临着恐怖主义威胁的汹涌暗流。我们要深刻认识到,在现阶段以及今后相当长的时期内,我们面对的航空安全威胁与上世纪90年代的劫机潮具有截然不同的性质。我们应该     

Secure Flow: a totally integrated transportation security system

Secure Flow is a holistic, integrated methodology that addresses all security vectors (paths that a terrorist may take to enter a threat object into the transportation system), allowing people, baggage, and cargo to move via various transportation systems in a secure fashion, while maintaining an "ease of access" to these diverse systems through innovative technology, procedures, and training. Secure Flow is a totally integrated transportation security system. It is a strategic program with multiple integration projects each being a vector such as: checked baggage, checkpoint, cargo/mail, airport, aircraft, port terminal, and cruise ships. Secure Flow identifies requirements for the establishment of protocols, standards, communications, and development of technologies to link deployable security equipment into a totally integrated transportation security system. The objective of Secure Flow is to secure the flow of passengers, baggage, and cargo from origin to destination to meet the operationally viable needs of the future seamless US Transportation System for the traveling public.     

Aviation data networks: security issues and network architecture

The information technology (IT) revolution, combined with people's need to access information quickly, has resulted in the explosive growth of the Internet in the past decade. Ubiquitous access to the Internet has become an essential component of a mobile workforce, and multiple mechanisms are being devised to ensure seamless connectivity to corporate resources. An integrated security framework requires careful consideration of the security features of the network within an airplane. Potentially, the aircraft could consist of three kinds of networks, namely: passenger network, crew network, and control network. The security protocol implemented must ensure a proper separation of these networks and also watch for any security protocol violations. In this paper, the authors review existing aircraft data network standards, security provisioning, and security threats associated with the aircraft data networks. In addition, the authors also analyze the security threats associated with different network architectures.     

COUNTERFOIL: a new high security optical surface technology

This paper presents a new optical surface technology known as COUNTERFOIL. The COUNTERFOIL technology provides a means of covert information storage and is used as the basis for a range of security seals and labels. The technology has obtained Australian Government Endorsement (SCEC Endorsement) for use in high security applications. It provides a convenient, low cost means to determine authenticity and detect tampering or surreptitious access     

Designing security systems: changing the way we think

Today's world demands new ways of thinking about security solutions. The problem space is complex and ambiguous. Solutions must be multi-dimensional, incorporating not only technology, but the social, economic, political, and religious dynamics of a security intervention. A facilitator-led experiential training program was designed for our technical staff that leads them out of the box. The course design is based upon the theories of cognitive flexibility and situated cognition, and uses a socio-constructivist approach. Participants are led by a senior systems engineer/facilitator through a series of exercises in which they observe contextually relevant right way/wrong way videos, engage in critical thinking assessments about what they observed, and solve logic puzzles. Group interaction and problem-solving is emphasized. As in the real world, there is no one right solution. Outcomes can include a broader understanding of the threat space, creative solutions that enable survival in spite of an evolving enemy, and a deeper sense of the complex dynamics involved in any security decision. Training impact is being evaluated using a mixed qualitative/quantitative approach. Survey data combined with ethnographic interviewing techniques will determine whether participants have transferred their new understandings to the work environment.     

Testing for security during development: why we should scrappenetrate-and-patch

In the commercial sector, security analysis has traditionally been applied at the network system level, after release, using tiger team approaches, After a successful tiger team penetration, specific system vulnerabilities are patched. I make a case for applying software engineering analysis techniques that have proven successful in the software safety arena to security-critical software code. This work is based on the generally held belief that a large proportion of security violations result from errors introduced during software development     

On-Line Vehicle Motion Estimation from Visual Terrain Information Part I: Recursive Image Registration

This paper addresses estimation of motion from the optical flow observed by an airborne down looking electro-optical sensor. The paper is in two parts. Part I addresses the development and analysis of a velocity-to-height ratio estimation algorithm and its principal error characteristics. In part II, it is shown how the information provided by the motion estimator can be integrated with additional on-board sensors to provide a complete autonomous navigation system. Part I as presented here is a summary version of the full length paper.? The algorithm implements recursive registration of successive images by using the gradient of a similarity function between them to control the tracking of their relative shift. The shift estimate provides velocity/height information. Substantial saving in memory and computation as compared to conventional full frame registration is achieved by using only a single line in the TV frame. Stochastic mathematical models for the image, terrain and vehicle velocity perturbations are used in the analysis. The choice of the most appropriate similarity function in the registration algorithm is addressed. Performance analysis indicates very small error variances, as illustrated by numerical examples.     

经济转轨国家证券市场的发展及对我国的启示

在经济体制改革、政府政策推动及完善金融体系等因素的促动下，经济转轨国家相继都恢复或成立了证券市场。这相对于计划经济条件下的证券市场不存在或欠发达状态有了实质性的进步，但基础设施建设落后、法律法规不完善、市场发展不均衡等问题影响并制约其进一步发展。对上述问题的研究给处于发展中的中国证券市场。恰好提供了一种参考和启示。     

情报研究成果的AHP-F评价

本文采用层次分析法与模糊数学综合译判法相结合的方法——AHP-F法,提出了综合情报评判研究成果指标体系和方法,旨在实现对情报研究成果的科学有效的管理。     

从“6·29”劫机事件的成功处置看机组安保培训的必要性

"6·29"劫机事件的成功处置不仅为中国民航安保史画下浓重的一笔,也鼓舞了整个社会打击危害航空安全恐怖活动的斗志。此次事件中,九名机组人员恪尽职守,英勇斗争,获得了"中国民航反劫机英雄机组"荣誉称号。这既体现了他们的良好专业素质,也反映出机组承担着守护航空器安全的重要安保职责。一、机组是保障航空器安全的内核力量在航空运输中,机组承担着多种职责。国际民航组织在2002年制定的     

推进信息化提升质量管理水平

分析了质量管理信息化的现状,探讨了质量管理信息化重要性以及实现方法,研究了质量管理信息系统的主要功能.     

关于上市公司会计信息的若干问题

对国内学者关于会计信息质量特征的论述与国际会计准则关于这一问题说明的区别及上市公司会计信息能否商品化的问题进行了阐述，并提出了进一步改进的意见。