入侵检测系统技术分析及改进

随着网络入侵技术的不断更新,作为防范网络入侵的最常见的防火墙,已经无法满足保障安全的需要,这就需要新技术——入侵检测系统(IDS)。本文详细介绍和分析了入侵检测系统的原理,分类及功能,并最后提出了一个简单的入侵检测探测改进模型。     

分布式防火墙与入侵检测系统的联动研究

针对传统防火墙在动态防御方面的缺陷,提出了一种新型的安全系统。该系统基于分布式防火墙环境与入侵检测技术,实现了分布式防火墙与入侵检测系统之间的联动。从网络安全整体性和动态性的需求考虑,能够实时检测并响应动态网络安全事件,实现了对突发网络攻击的主动防御。     

一种可生存性的通用突变算法模式及其模拟框架

可生存性是近年来网络安全领域的研究热点。提出将可生存性的目标系统分为有界系统和无界系统,并给出用于实现无界系统的可生存性突变算法的通用模式,其使用多代理系统和协议进行系统建模,部署可生存性控制代理,设计代理间的互操作协议,以此提高系统的可生存性。最后还设计了用于验证和评估突变算法的模拟框架。     

Internet上的入侵容忍服务技术

介绍了一种在Internet环境下入侵容忍系统技术.现代网络的安全研究主要是从如何防止攻击的角度来进行的.入侵容忍系统技术则假设攻击与正常数据是不能明确区分的,攻击的发生是不可避免的.如何在有攻击的情况下,使网络仍能为预期的合法用户提供有效的服务是入侵容忍系统技术的重点.     

游戏平台入侵检测技术研究

网络安全问题是一个十分复杂的问题,涉及到电子商务、信息交换和游戏服务器。入侵检测与防御技术作为新一代网络信息安全保障技术,它主动地对网络信息系统中的恶意入侵行为进行识别和响应,不仅检测和防御来自外部网络的入侵行为,同时监视和防止内部用户未授权活动和误操作行为。本文提出了针对游戏服务器的入侵检测方案,在一定程度上缓解了黑客攻击游戏服务器的行为。     

我国产业安全评价指标体系的再构建与实证研究

本文在产业安全评价体系构建意义和文献资料回顾梳理基础上,运用合项思维方法,创造性地提出产业竞争力生成能力、产业控制力、产业生态环境、产业竞争力、产业依存度"五因素模型"评价体系。采用层次分析方法和熵权法对产业安全指标进行权重设置,并通过功效系数法定量分析我国产业的产业安全程度的估算值为53.6,处于"临界状态"的结论。指出我国产业安全目前存在较大系统风险,需要从国家战略上提升在产业安全领域的防范应对能力和管理水平,提高产业竞争力生成能力,加强产业控制力,降低产业依存度,保障产业可持续健康发展,确保国家产业安全及国家安全。     

“十一五”期间中国煤炭产业安全分析与定量估算

从经济安全的角度诠释了煤炭产业安全,在此基础上构建了煤炭产业安全指标体系和评价模型,并对“十一五”期间我国煤炭产业安全状况进行了估算。结果表明,在此期间我国煤炭产业处于基本安全状态,产业竞争力是影响煤炭产业安全的关键因素。     

The enterprise knowledge dictionary

One of the difficulties in knowledge management is that knowledge sources are widely distributed and exist in many forms. Earl's taxonomy (2001) of knowledge management systems, particularly, the Technocratic school – Systems, Cartographic, and Engineering, is described to provide a context for discussing the different types of knowledge management systems. To support these different types of knowledge sources, we describe an Enterprise Knowledge Dictionary (EKD) and the supporting n-tier architecture that allows access too many types of knowledge though a common interface. The EKD provides a knowledge portal that allows the knowledge seeker to locate and access the various types of knowledge for a domain of interest from a single source. In addition to facilitating knowledge reuse, the EKD is used for evaluation and planning of knowledge management activities within the firm. An n-tier architecture that both optimizes knowledge management implementations and minimizes the load on transaction processing systems is outlined.     

通过部署入侵防御系统（IPS）来提升网络安全

本文首先介绍了入侵防御系统(IPS)工作原理、IPS的分类.并且对比了防火墙、IDS相对于IPS的局限,提出通过部署入侵防御系统(IPS)来提升网络安全,以及应该怎样在网络中部署IPS.     

National Systems of Entrepreneurship: Measurement issues and policy implications

We introduce a novel concept of National Systems of Entrepreneurship and provide an approach to characterizing them. National Systems of Entrepreneurship are fundamentally resource allocation systems that are driven by individual-level opportunity pursuit, through the creation of new ventures, with this activity and its outcomes regulated by country-specific institutional characteristics. In contrast with the institutional emphasis of the National Systems of Innovation frameworks, where institutions engender and regulate action, National Systems of Entrepreneurship are driven by individuals, with institutions regulating who acts and the outcomes of individual action. Building on these principles, we also introduce a novel index methodology to characterize National Systems of Entrepreneurship. The distinctive features of the methodology are: (1) systemic approach, which allows interactions between components of National Systems of Entrepreneurship; (2) the Penalty for Bottleneck feature, which identifies bottleneck factors that hold back system performance; (3) contextualization, which recognizes that national entrepreneurship processes are always embedded in a given country's institutional framework.     

高校校园网信息安全核心技术的应用研究

依据长江师范学院校园网建设的实际情况进行了安全需求分析,然后具体给出了数据安全、网页防篡改、防火墙、IDS等方面的安全解决方案。目前的运行结果表明,该方案设计合理,能较好满足校园网的安全需求。     

Software security requirements management as an emerging cloud computing service

Emerging cloud applications are growing rapidly and the need for identifying and managing service requirements is also highly important and critical at present. Software Engineering and Information Systems has established techniques, methods and technology over two decades to help achieve cloud service requirements, design, development, and testing. However, due to the lack of understanding of software security vulnerabilities that should have been identified and managed during the requirements engineering phase, we have not been so successful in applying software engineering, information management, and requirements management principles that have been established for the past at least 25 years, when developing secure software systems. Therefore, software security cannot just be added after a system has been built and delivered to customers as seen in today’s software applications. This paper provides concise methods, techniques, and best practice requirements engineering and management as an emerging cloud service (SSREMaaES) and also provides guidelines on software security as a service. This paper also discusses an Integrated-Secure SDLC model (IS-SDLC), which will benefit practitioners, researchers, learners, and educators. This paper illustrates our approach for a large cloud system Amazon EC2 service.     

计算机应急响应系统体系研究

应急响应是维护计算机和网络系统动态安全性的关键问题 .提出了基于层次化模型的计算机应急响应系统体系结构 ,从安全服务层、系统模块层、安全研究层的角度对系统的功能需求、模块划分和相应的技术支持给出了明确的定义 ,针对计算机应急响应系统所关注的事件响应、安全监控、入侵追踪、灾难恢复等问题 ,结合向用户提供的安全咨询、安全公告、安全状况分析等服务功能 ,进行了详细的阐述 .     

大数据分析处理技术新体系的思考

近年来,大数据技术与系统在性能和效率方面已经取得了显著的提升,大数据应用到各个行业,赋能产业智能化发展,成为信息社会进入智能化阶段的关键要素。然而,大数据技术发展也面临着更深层次的挑战,如数据泛滥与高价值数据缺失并存、大数据分析研判复杂不确定、数据流通共享与数据可信安全使用难以兼顾等。这些挑战将推动大数据分析处理技术的创新变革,促进新技术体系的建立与发展。文章面向大数据分析处理面临的新架构、新模式、新范式和安全可信需求,提出构建新一代大数据分析处理系统栈,探索大数据价值利用新范式,并展望新技术体系下的牵引性需求与重大应用。     

基于策略的入侵检测本体研究

该研究建立了一种基于策略的入侵检测本体模型,该模型具有进行误用检测和异常检测的能力,能共享和重用知识并进行分析。该研究用OWL对本体进行了规格说明,对系统的架构进行了探讨并进行了应用举例。     

软件动态流程模型及其形式化描述方法研究

面向服务的体系结构正在促进软件结构研究的发展,特别是对于那些面临需求经常变更的企业过程流程应用系统而言更是如此。为了适应现实需求,本文给出了一个基于粒度等级和松散耦合的动态软件流程(SAWM)模型,利用XML的可扩展性提出了FDL流程描述语言和ADL活动描述语言,结合SAX事件驱动的解释技术实现了流程语义解释和自适应调整,建立了软件动态流程关系。     

A framework of cloud-based virtual phones for secure intelligent information management

As mobile networks and devices being rapidly innovated, many new Internet services and applications have been deployed. However, the current implementation faces security, management, and performance issues, which are critical to the use in business environments. Migrating sensitive information, management facilities, and intensive computation to security hardened virtualized environment in the cloud provides effective solutions. This paper proposes an innovative Internet service and business model to provide a secure and consolidated environment for enterprise mobile information management based on the infrastructure of cloud-based virtual phones (CVP). Our proposed solution enables the users to execute Android and web applications in the cloud and connect to other users of CVP with enhanced performance and protected privacy. The organization of CVP can be mixed with centralized control and distributed protocols, which emulates the behavior of human societies. This minimizes the need to handle sensitive data in mobile devices, eases the management of data, and reduces the overhead of mobile application deployment.     

高校科技评价的数字化转型研究

为向高校科技评价提供新的思路和方法,梳理国内高校科技评价研究现状,针对传统做法普遍存在需耗费大量人力物力进行数据收集和管理效率低等问题,从数据采集和评价方法两个方面分析信息化和数字化转型带来的新机遇,提出基于数据仓库的高校科技活动数据采集概念模型和基于数据挖掘的高校科技评价概念模型;并基于模型的应用需求,从数据的来源和结构多样性、属性间相关性和安全性以及模型选择重要性等方面分析高校科技评价数字化转型面临的挑战,指出数据多样性和安全性以及模型选择是目前面临的主要挑战.     

An enterprise architecture framework for electronic requirements information management

Managing information about client requirements effectively can contribute to improve the quality of built facilities, and their related services. However, the process has been challenging to construction project management often resulting in failed projects. This necessitates an overwhelming need for a better approach. This paper presents a novel enterprise architecture framework for managing information about client requirements across all phases of a construction project and through-life of a built facility. The Integrated electronic Requirements Information Management Framework (eRIM) defines an information-centric, and process and service-oriented enterprise architecture approach to requirements management. It also describes how Information and Communication Technology (ICT)/Information Systems (IS) can support this information management. In developing the framework, findings from three case study projects were collated through observations, a questionnaire and interviews of construction practitioners. It is concluded that when implemented and incorporated in the management of construction projects, the eRIM architecture framework can potentially contribute towards improved and more efficient and effective management of client requirements across all stages of a project. Further work is outlined to operationalize the framework.     

基于鱼骨图和AHP的产业集群知识创新能力影响因素研究

采用定量和定性相结合的方法分析产业集群知识创新能力的影响因素,首先用鱼骨图法梳理出产业集群知识创新能力影响因素,然后导入AHP模型中,通过主观评价、专家评判和综合分析构造判断矩阵,计算各个影响因素相对于目标问题的重要性权重,最后通过排序找出关键影响因素,并为提高产业集群知识创新能力提供一些建设性意见。