an integrity assurance mechanism for run-time programs

Chinese Assoc Cryptol Res, State Key Lab Informat Secur, Inst Software, Grad Univ Chinese Acad Sci, Natl Nat Sci Fdn China

一种用于网络取证分析的模糊决策树推理方法

网络取证是对现有网络安全体系的必要扩展,已日益成为研究的重点.但目前在进行网络取证时仍存在很多挑战:如网络产生的海量数据;从已收集数据中提取的证据的可理解性;证据分析方法的有效性等.针对上述问题,利用模糊决策树技术强大的学习能力及其分析结果的易理解性,开发了一种基于模糊决策树的网络取证分析系统,以协助网络取证人员在网络环境下对计算机犯罪事件进行取证分析.给出了该方法的实验结果以及与现有方法的对照分析结果.实验结果表明,该系统可以对大多数网络事件进行识别(平均正确分类率为 91.16%),能为网络取证人员提供可理解的信息,协助取证人员进行快速高效的证据分析.

信息安全产品安全保证量化评估方法研究

CC标准进行信息安全产品测评时,传统评估方法使用二值逻辑表示评价结果,只能定性评估,不能体现安全保证量的差异.本文提出依据保护轮廓构建评估框架的方法;将评估员对组件的评价定义为三角模糊数的形式;提出底线折衷法综合各组件评价得出TOE(评估对象)安全保证的量化表示.最后,通过实例表明这是一种CC标准框架正的可操作和较为合理的信息安全产品测评方法.

软件属性保障中的源代码静态分析技术研究

随着硬件性能的不断提升，计算机正在被赋予越来越艰巨的任务，运行其上的软件作为沟通人类思维和底层硬件的桥梁，其重要性日益增加。与此同时，软件系统的规模也在不断变大，所涉及的逻辑也更为复杂，这导致开发人员难免会由于疏漏在软件设计实现的过程中引入缺陷、埋下隐患。所以,如何检验、确保软件的属性就成为时下一个亟待解决的热点问题。而在此背景下，源代码静态分析技术由于恰好可以弥补现有测试方法的不足，已经开始在这一研究领域崭露头角。有鉴于此，本文为了推进安全信息系统的研发，分别围绕源代码静态分析技术在软件属性保障中两个最主要的应用场景展开研究，涉及高等级安全操作系统开发过程中的源代码自动化审计，以及分布式信息系统中平台间互信建立时针对软件属性所进行的远程验证，其中，前者是为从深度上将现有安全操作系统向更高等级推进提供助力，而后者是为了从广度上将信息安全领域现有的围绕单机平台的研究成果向分布式架构推广建立基础。具体来说，本文选择针对编程接口规范的一致性检验和应用静态分析的软件属性远程验证作为研究的切入点，探讨了应用源代码静态分析技术检验、确保软件属性的方法和用途，主要取得以下几个方面的成果： 第一，本文给出了一个基于值等价类的别名分析方法。该方法依据相关的传值操作维护一个值等价类空间，可以在编程接口规范一致性检验的过程中按需推导变量符号间的等值关系，不仅有能力支持上下文相关、路径相关的全局分析，还可以有效应对C代码中因结构、指针等构件所衍生出来的大量变量符号。 第二，针对大部分现有代码静态分析工具分析规模受限的问题，本文围绕编程接口规范的一致性检验给出了可以与别名分析有效结合的性能优化方案。该方案不仅能通过剔除与分析无关的执行分支和引入缓存机制提高分析效率，还可以尽量确保分析的准确性少受影响。 第三，我们设计、实现了一个C代码静态分析工具ABAZER（A Bug AnalyZER）。该工具可以依据用户使用有限自动机模型描述的编程接口规范，对操作系统内核级别的软件进行全局分析，指出代码中可能有悖于规范的部分。我们使用ABAZER实际考查了FreeBSD内核中锁机制以及GCC 4.x中库GNU Libiberty的使用情况，从中发现了若干真实的缺陷。 第四，本文针对现有应用可信计算技术、基于完整性信息进行远程验证的方案在灵活性和实用性上所存在的不足，给出一个扩展方案。该方案通过引入虚拟机技术，在软件构建过程中收集举证信息，应用静态分析方法分析软件功能模块间的相关性，划分出与验证相关的模块，有效控制用户定制软件验证时所要依赖的可信列表的规模，使其有能力适应当今网络环境中的大量异质平台和各种安全需求。此外，它还可以为自身所依赖的可信计算基的替换和更新提供支持。 第五，本文针对Flask架构的特点，给出了一个既能检验强制访问控制实现正确性，又能最大限度保留软件灵活性、使得用户可以在一定程度上对软件进行定制的远程验证方案。该方案依赖源代码静态分析技术界定软件中无需基于完整性进行验证的模块，在进一步缩减可信列表规模的同时，使用代码改写技术在这些模块中自动化地插入监控代码约束软件的动态行为，以达到确保强制访问控制实现正确性的目的。该方案初步展现了源代码静态分析技术在远程验证中广阔的应用前景。

基于收益机制发布/订阅系统时间约束保障技术

发布／订阅系统技术具有异步、松散耦合和多对多通信的特点，有着广阔的应用前景．但是，已有的发布／订阅系统技术不能满足动态环境下有延迟需求的应用要求．针对时间约束问题，扩展了发布／订阅系统的语法，建立了延迟模型，提出了一种基于收益机制的分布式发布／订阅系统时间约束保障技术和使系统获益最大化的调度算法MTEP（maximumto tal earning priority），其特点是能够满足订阅者和发布者指定延迟约束的需求，通过与订阅者商定的价格和违约成本信息来有效地利用网络带宽，适应网络环境的动态变化．实验结果表明，该调度策略和FCFS（first come first service）、最短时间优先和固定优先级等传统策略相比，可使订阅者接收到的有效事件明显增多，并使系统收益显著改善．

使用CC标准开发的高保证安全信息系统

通用标准（Common Criteria）提供了衡量系统安全性的流行准则。本文主要提出通过各类保证措施，如何构建符合CC标准的高保证安全信息系统。文中首先给出了CC的评估模型、评估过程和安全保证的具体要求。然后以开发安全审计系统为例，分析了系统安全功能和保证要求的产生、审计系统的实现框架以及为达到标准要求而在系统开发过程中使用的各种保证证据和保证措施。最后，又分析了审计系统对整个系统的性能影响因素，并提出了改进办法。本文通过深入剖析通用标准中各个保证要求的内涵，为开发具有高保证要求的信息系统提供了理论指导和实现方法。

Concentrations of alkyphenol polyethoxylates entering UK estuaries

Concentrations of the weakly oestrogenic degradation products of alkylphenol polyethoxylate (APE) surfactants (nonylphenol, octylphenol, nonylphenol monoethoxylate and nonylphenol diethoxylate) were measured in water and sediments from British rivers and estuaries collected during 1994 and 1995. In addition, a series of samples of tissues of wild fish from the River Aire, and from a laboratory dosing experiment were analysed for alkylphenols, to assess the degree of bioaccumulation of these compounds. Measurable concentrations of APE residues were recorded in the River Aire (15–76 μg/l total extractable alkylphenols), the River Mersey (6–11 μg/l) and the Tees estuary (up to 76 μg/l). These levels exceed, or are close to, the no observed effect concentration for the induction of vitellogenesis in caged trout (5–20 μg/l total extractable alkylphenols), and may be sufficient to exert an oestrogenic effect on fish populations in these areas. A sediment sample from Bingley on the River Aire contained 15 μg/g (dry weight) nonylphenol, and concentrations in sediments from the Tees and Mersey estuaries exceeded 1 μg/g. These rivers receive a variety of trade waters via sewage treatment works (STW) effluents containing significant concentrations of APE. Elsewhere, concentrations in water and sediments were near or below limits of detection and biological effects are unlikely, suggesting that any oestrogenic effects observed in sewage outfalls and rivers not directly impacted by APE-containing trade-waters may be caused by other chemicals. Analysis of samples of trout muscle taken from a tank dosed at 65 μg/l nonylphenol indicated a bioaccumulation factor of between 90 and 125 after 3 weeks exposure. Samples of wild fish from the River Aire contained up to 0.8 μg/g nonylphenol in the muscle, a tissue bioaccumulation factor of approximately 50 relative to measured concentrations in water samples. A series of fish samples taken from offshore for food quality assurance purposes contained no detectable levels of APE residues (0.05–0.1 μg/g nonylphenol).

The statistic inversion algorithms of water constituents for the Huanghai Sea and the East China Sea

A group of statistical algorithms are proposed for the inversion of the three major components of Case-H waters in the coastal area of the Huanghai Sea and the East China Sea. The algorithms are based on the in situ data collected in the spring of 2003 with strict quality assurance according to NASA ocean bio-optic protocols. These algorithms are the first ones with quantitative confidence that can be applied for the area. The average relative error of the inversed and in situ measured components' concentrations are: Chl-a about 37%, total suspended matter (TSM) about 25%, respectively. This preliminary result is quite satisfactory for Case-H waters, although some aspects in the model need further study. The sensitivity of the input error of 5% to remote sensing reflectance (Rrs) is also analyzed and it shows the algorithms are quite stable. The algorithms show a large difference with Tassan's local SeaWiFS algorithms for different waters, except for the Chl-a algorithm.

Floral closure in response to temperature and pollination in Gentiana straminea Maxim. (Gentianaceae), an alpine perennial in the Qinghai-Tibetan Plateau

Floral closure may be induced by pollination and various other factors, but is rarely studied comprehensively. Different kinds of floral closure should have various effects on reproductive fitness of plants. Two contrasting types of floral closure were observed in the flowers of Gentiana straminea Maxim. in the eastern Qinghai-Tibetan Plateau. The first type occurred prior to pollination during both gender phases, in response mainly to decreasing air temperatures. Flowers closed when decreasing temperatures approached 20 degrees C and subsequently began to reopen the following day during mid-morning when air temperatures warmed to approximately 13-15 degrees C. This kind of floral closure can protect pollen grains on either stamens or stigmas, increasing fitness of both male and female. Following pollination, permanent floral closure occurred, although there was a delay between the dates of pollination and permanent closure, during which flowers continued to show temporary closure in response to low temperature episodes. The time required for permanent, pollination-induced closure varied according to the age of the gender phase, including a prolonged time before closure if pollination occurred early in the female phase. The retaining of permanent closed flowers increased both approaching (to inflorescences) and visiting (to unpollinated flowers) frequencies of individual plants when with fewer open flowers and the persisting corolla is further beneficial for seed sets of these pollinated flowers. Thus, two separate types of floral closure, one in response to environmental cues and the other in response to the age of each gender stage, appeared to have a strong influence on reproductive fitness in this species. These results revealed a different adaptive strategy of alpine plants in the sexual reproduction assurance in addition to the well-known elevated floral longevity, dominant role of more effective pollinators and increased reproduction allocation in the arid habitats.

服务质量要素体系的探讨

The study explored consumers' evaluation factor system and the zone of tolerance in the service quality, and the impact on consumer behavior in two branches of trade: the shopping center and the architectural material corporation, with the method of questionnaire survey. The main conclusions are as following: 1) The basic factors on service quality of shopping center are five, such as assurance、tangibles、the services of the post-selling、convenience and reliability. 2) There are also five factors on service quality of the architectural material corporation, such as the supplying of the products, the abilities of the salesmen, courtesy, package and the information. 3) The zones of tolerance of the factors in service quality are difference. In some way, they reflect the importance of the factors. 4) the service quality and its factors have positive impacts on the consumer behaviors. 5) In the branch of glass producing in our country, the service quality of a corporation is significant below the ideal level, even if it is a good one which the consumers expressed positive purchase intention on the corporate. The service quality of the coporate on which the consumers expressed uncertain purchase intention, is in nearby of the minimum acceptable level.