Wireless body area networks(WBANs)are an emerging technology for the real-time monitoring of physiological signals.WBANs provide a mechanism for collecting,storing,and transmitting physiological data to healthcare pro...Wireless body area networks(WBANs)are an emerging technology for the real-time monitoring of physiological signals.WBANs provide a mechanism for collecting,storing,and transmitting physiological data to healthcare providers.However,the open wireless channel and limited resources of sensors bring security challenges.To ensure physiological data security,this paper provides an efficient Certificateless Public Key Infrastructure Heterogeneous Ring Signcryption(CP-HRSC)scheme,in which sensors are in a certificateless cryptosystem(CLC)environment,and the server is in a public key infrastructure(PKI)environment.CLC could solve the limitations of key escrow in identity-based cryptography(IBC)and certificate management for public keys in PKI.While PKI is suited for the server because it is widely used on the Internet.Furthermore,this paper designs a ring signcryption method that allows the controller to anonymously encrypt physiological data on behalf of a set of sensors,but the server does not exactly know who the sensor is.The construction of this paper can achieve anonymity,confidentiality,authentication,non-repudiation,and integrity in a logically single step.Under the computational Diffie-Hellman(CDH)problem,the formal security proof is provided in the random oracle model(ROM).This paper demonstrates that this scheme has indistinguishability against adaptive chosen ciphertext attacks(IND-CCA2)and existential unforgeability against adaptive chosen message attacks(EUF-CMA).In terms of computational cost and energy usage,a comprehensive performance analysis demonstrates that the proposed scheme is the most effective.Compared to the three existing schemes,the computational cost of this paper’s scheme is reduced by about 49.5%,4.1%,and 8.4%,and the energy usage of our scheme is reduced by about 49.4%,3.7%,and 14.2%,respectively.展开更多
Traditional public key infrastructure(PKI)only provides authentication for network communication,and the standard X.509 certificate used in this architecture reveals the user’s identity.This lack of privacy protectio...Traditional public key infrastructure(PKI)only provides authentication for network communication,and the standard X.509 certificate used in this architecture reveals the user’s identity.This lack of privacy protection no longer satisfies the increasing demands for personal privacy.Though an optimized anonymous PKI certificate realizes anonymity,it has the potential to be abused due to the lack of identity tracking.Therefore,maintaining a balance between user anonymity and traceability has become an increasing requirement for current PKI.This paper introduces a novel traceable self-randomization certificate authentication scheme based on PKI architecture that achieves both anonymity and traceability.We propose a traceable self-randomization certificate authentication scheme based on the short randomizable signature.Specifically,certificate users can randomize the initial certificate and public key into multiple anonymous certificates and public keys by themselves under the premise of traceability,which possesses lower computational complexity and fewer interactive operations.Users can exhibit different attributes of themselves in different scenarios,randomizing the attributes that do not necessarily need to be displayed.Through security and performance analysis,we demonstrate the suitability of the improved PKI architecture for practical applications.Additionally,we provide an application of the proposed scheme to the permissioned blockchain for supervision.展开更多
In the context of today's big data and cloud computing,the global flow of data has become a powerful driver for international economic and investment growth.The EU and the U.S.have created two different paths for ...In the context of today's big data and cloud computing,the global flow of data has become a powerful driver for international economic and investment growth.The EU and the U.S.have created two different paths for the legal regulation of the cross-border flow of personal data due to their respective historical traditions and realistic demands.The requirements for data protection have shown significant differences.The EU advocates localization of data and firmly restricts cross-border flow of personal data.The U.S.tends to protect personal data through industry self-regulation and government law enforcement.At the same time,these two paths also merge and supplement with each other.Based on this,China needs to learn from the legal regulatory paths of the EU and the US,respectively,to establish a legal idea that places equal emphasis on personal data protection and the development of the information industry.In terms of domestic law,the Cybersecurity Law of the People's Republic of China needs to be improved and supplemented by relevant supporting legislation to improve the operability of the law;the industry self-discipline guidelines should be established;and various types of cross-border data need to be classified and supervised.In terms of international law,it is necessary to participate in international cooperation based on the priority of data sovereignty and promote the signing of bilateral,multilateral agreements,and international treaties on the cross-border flow of personal data.展开更多
With the rising popularity of the Internet and the development of big data technology,an increasing number of organizations are opting to cooperate across domains to maximize their benefits.Most organizations use publ...With the rising popularity of the Internet and the development of big data technology,an increasing number of organizations are opting to cooperate across domains to maximize their benefits.Most organizations use public key infrastructure to ensure security in accessing their data and applications.However,with the continuous development of identity-based encryption(IBE)technology,small-and medium-sized enterprises are increasingly using IBE to deploy internal authentication systems.To solve the problems that arise when crossing heterogeneous authentication domains and to guarantee the security of the certification process,we propose using blockchain technology to establish a reliable cross-domain authentication scheme.Using the distributed and tamper-resistant characteristics of the blockchain,we design a cross-domain authentication model based on blockchain to guarantee the security of the heterogeneous authentication process and present a cross-domain authentication protocol based on blockchain.This model does not change the internal trust structure of each authentication domain and is highly scalable.Furthermore,on the premise of ensuring security,the process of verifying the signature of the root certificate in the traditional cross-domain authentication protocol is improved to verify the hash value of the root certificate,thereby improving the authentication efficiency.The developed prototype exhibits generality and simplicity compared to previous methods.展开更多
It is a fact that the available sub-surface space is quickly filling up and that the risk of damage to infrastructure and the environment is increasing steadily.On the other hand,a large number of technological advanc...It is a fact that the available sub-surface space is quickly filling up and that the risk of damage to infrastructure and the environment is increasing steadily.On the other hand,a large number of technological advancements have greatly improved the quality of the implementation and management of underground pipeline and cable assets.These advancements not only span equipment to install pipelines,ducts and cables,but also the GIS technology,sub-surface locating systems and other georeferencing technologies give the user more information to base a decision on.But is more information also better information or is it a false sense of security?As I have experienced worldwide,the latter is often true because most asset managers‘do their own thing'.So who can and should take action in the chain op sub-surface pipeline and cable installation,maintenance and management to evolve towards a uniform quality of asset data?This presentation will assess the each stakeholder's role and responsibility in the chain and suggest a possible solution towards creating a uniform quality of data over the next couple of decades.展开更多
Since 2013,China has been the world’s largest market for industrial robots.Despite the gradual maturity of the industrial robot system,the lagging R&D and backward technology level of industrial robots have led t...Since 2013,China has been the world’s largest market for industrial robots.Despite the gradual maturity of the industrial robot system,the lagging R&D and backward technology level of industrial robots have led to a strong dependence on the import of core components and key technologies,which to a certain extent has restricted the development and improvement of industrial robots.At present,the“neck problem”in the field of industrial robots in China is not only in the reducer,controller,and servo but also in the basic processing equipment,basic technology,and basic materials.In this paper,we propose measures to improve the“neck problem”of industrial robots to promote the high-quality development of industrial robots in China.展开更多
基金supported by the Postgraduate Research&Practice Innovation Program of Jiangsu Province (Grant No.SJCX22_1677).
文摘Wireless body area networks(WBANs)are an emerging technology for the real-time monitoring of physiological signals.WBANs provide a mechanism for collecting,storing,and transmitting physiological data to healthcare providers.However,the open wireless channel and limited resources of sensors bring security challenges.To ensure physiological data security,this paper provides an efficient Certificateless Public Key Infrastructure Heterogeneous Ring Signcryption(CP-HRSC)scheme,in which sensors are in a certificateless cryptosystem(CLC)environment,and the server is in a public key infrastructure(PKI)environment.CLC could solve the limitations of key escrow in identity-based cryptography(IBC)and certificate management for public keys in PKI.While PKI is suited for the server because it is widely used on the Internet.Furthermore,this paper designs a ring signcryption method that allows the controller to anonymously encrypt physiological data on behalf of a set of sensors,but the server does not exactly know who the sensor is.The construction of this paper can achieve anonymity,confidentiality,authentication,non-repudiation,and integrity in a logically single step.Under the computational Diffie-Hellman(CDH)problem,the formal security proof is provided in the random oracle model(ROM).This paper demonstrates that this scheme has indistinguishability against adaptive chosen ciphertext attacks(IND-CCA2)and existential unforgeability against adaptive chosen message attacks(EUF-CMA).In terms of computational cost and energy usage,a comprehensive performance analysis demonstrates that the proposed scheme is the most effective.Compared to the three existing schemes,the computational cost of this paper’s scheme is reduced by about 49.5%,4.1%,and 8.4%,and the energy usage of our scheme is reduced by about 49.4%,3.7%,and 14.2%,respectively.
基金This work was supported by the National Key R&D Program of China(No.2020YFB1005600)Beijing Natural Science Foundation(No.M21031)+4 种基金the Natural Science Foundation of China(Nos.U21A20467,61932011,62002011,and 61972019)the Populus Euphratica Foundation(No.CCF-HuaweiBC2021009)the Open Research Fund of Key Laboratory of Cryptography of Zhejiang Province(No.ZCL21007)Zhejiang Soft Science Research Program(No.2023C35081)the Youth Top Talent Support Program of Beihang University(No.YWF-22-L-1272).
文摘Traditional public key infrastructure(PKI)only provides authentication for network communication,and the standard X.509 certificate used in this architecture reveals the user’s identity.This lack of privacy protection no longer satisfies the increasing demands for personal privacy.Though an optimized anonymous PKI certificate realizes anonymity,it has the potential to be abused due to the lack of identity tracking.Therefore,maintaining a balance between user anonymity and traceability has become an increasing requirement for current PKI.This paper introduces a novel traceable self-randomization certificate authentication scheme based on PKI architecture that achieves both anonymity and traceability.We propose a traceable self-randomization certificate authentication scheme based on the short randomizable signature.Specifically,certificate users can randomize the initial certificate and public key into multiple anonymous certificates and public keys by themselves under the premise of traceability,which possesses lower computational complexity and fewer interactive operations.Users can exhibit different attributes of themselves in different scenarios,randomizing the attributes that do not necessarily need to be displayed.Through security and performance analysis,we demonstrate the suitability of the improved PKI architecture for practical applications.Additionally,we provide an application of the proposed scheme to the permissioned blockchain for supervision.
基金2015年度国家社会科学基金重大项目“合作治理:国家治理体系现代化与国家责任研究”(15ZDA031)2019年度国家社会科学基金一般项目“基层政治稳定与风险管控研究”(19BZZ048)全球挑战研究基金项目“The GCRE Centre for Sustainable,Healthy,and Learning cities and Neighbourhoods”(ES/P011020/1)。
基金This article is supported by Law and Technology Institute,Renmin University of China.All mistakes and omissions are the responsibility of the author.
文摘In the context of today's big data and cloud computing,the global flow of data has become a powerful driver for international economic and investment growth.The EU and the U.S.have created two different paths for the legal regulation of the cross-border flow of personal data due to their respective historical traditions and realistic demands.The requirements for data protection have shown significant differences.The EU advocates localization of data and firmly restricts cross-border flow of personal data.The U.S.tends to protect personal data through industry self-regulation and government law enforcement.At the same time,these two paths also merge and supplement with each other.Based on this,China needs to learn from the legal regulatory paths of the EU and the US,respectively,to establish a legal idea that places equal emphasis on personal data protection and the development of the information industry.In terms of domestic law,the Cybersecurity Law of the People's Republic of China needs to be improved and supplemented by relevant supporting legislation to improve the operability of the law;the industry self-discipline guidelines should be established;and various types of cross-border data need to be classified and supervised.In terms of international law,it is necessary to participate in international cooperation based on the priority of data sovereignty and promote the signing of bilateral,multilateral agreements,and international treaties on the cross-border flow of personal data.
基金This work was supported in part by Beijing Municipal Natural Science Foundation(19L2020)Foundation of Science and Technology on Information Assurance Laboratory(614211204031117)Industrial Internet Innovation and Development Project(Typical Application and Promotion Project of the Security Technology for the Electronics Industry)of the Ministry of Industry and Information Technology of China in 2018,Foundation of Shanxi Key Laboratory of Network and System Security(NSSOF1900105).
文摘With the rising popularity of the Internet and the development of big data technology,an increasing number of organizations are opting to cooperate across domains to maximize their benefits.Most organizations use public key infrastructure to ensure security in accessing their data and applications.However,with the continuous development of identity-based encryption(IBE)technology,small-and medium-sized enterprises are increasingly using IBE to deploy internal authentication systems.To solve the problems that arise when crossing heterogeneous authentication domains and to guarantee the security of the certification process,we propose using blockchain technology to establish a reliable cross-domain authentication scheme.Using the distributed and tamper-resistant characteristics of the blockchain,we design a cross-domain authentication model based on blockchain to guarantee the security of the heterogeneous authentication process and present a cross-domain authentication protocol based on blockchain.This model does not change the internal trust structure of each authentication domain and is highly scalable.Furthermore,on the premise of ensuring security,the process of verifying the signature of the root certificate in the traditional cross-domain authentication protocol is improved to verify the hash value of the root certificate,thereby improving the authentication efficiency.The developed prototype exhibits generality and simplicity compared to previous methods.
文摘It is a fact that the available sub-surface space is quickly filling up and that the risk of damage to infrastructure and the environment is increasing steadily.On the other hand,a large number of technological advancements have greatly improved the quality of the implementation and management of underground pipeline and cable assets.These advancements not only span equipment to install pipelines,ducts and cables,but also the GIS technology,sub-surface locating systems and other georeferencing technologies give the user more information to base a decision on.But is more information also better information or is it a false sense of security?As I have experienced worldwide,the latter is often true because most asset managers‘do their own thing'.So who can and should take action in the chain op sub-surface pipeline and cable installation,maintenance and management to evolve towards a uniform quality of asset data?This presentation will assess the each stakeholder's role and responsibility in the chain and suggest a possible solution towards creating a uniform quality of data over the next couple of decades.
文摘Since 2013,China has been the world’s largest market for industrial robots.Despite the gradual maturity of the industrial robot system,the lagging R&D and backward technology level of industrial robots have led to a strong dependence on the import of core components and key technologies,which to a certain extent has restricted the development and improvement of industrial robots.At present,the“neck problem”in the field of industrial robots in China is not only in the reducer,controller,and servo but also in the basic processing equipment,basic technology,and basic materials.In this paper,we propose measures to improve the“neck problem”of industrial robots to promote the high-quality development of industrial robots in China.
