Multiplexed classical and quantum transmission for high bitrate quantum key distribution systems

We report the operation of a gigahertz clocked quantum key distribution system, with two classical data communication channels using coarse wavelength division multiplexing over a record fibre distance of 80km. © OSA 2012.

Isolation and characterization of Argonaute 2: A key gene of the RNA interference pathway in the rare minnow, Gobiocypris rarus

Argonaute 2 gene plays a pivotal role in RNAi in many species. Herein is the first report of the cloning and characterization of Argonaute 2 gene in fish. The full-length cDNA of Gobiocypris rarus Argonaute 2 (GrAgo2) consisted of 3073 nucleotides encoding 869 amino acid residues with a calculated molecular weight of 98.499 kDa and an estimated isoelectric point of 9.18. Analysis of the deduced amino acid sequence showed the presence of two signature domains, PAZ and Piwi. RT-PCR analysis indicated that GrAgo2 mRNA expression could be detected in widespread tissues. After infection with grass carp reovirus, GrAgo2 expression was up-regulated from 12 h post-injection (p < 0.05) and returned to control levels at 48 h post-injection (p > 0.05). These data imply that GrAgo2 is involved in antiviral defense in rare minnow. (C) 2008 Published by Elsevier Ltd.

A redescription of Piguetiella denticulata Liang and, Xie (Oligochaeta, Tubificidae, Naidinae) from China, with a key to the genus Piguetiella

Piguetiella denticulata Liang & Xie, 1997 is redescribed based on the type series collected from the type locality, Songtao River, and streams of the Zhangjiajie Mountain in southwestern China, and specimens from several tributaries of the Yangtze River. This species is characterized by a large body size, the absence of eyespots and dorsal hair chaetae, the same size and shape of dorsal and ventral chaetae, the presence of 3-4 intermediate teeth on both ventral and dorsal chaetae, and an intestinal dilation in IX-X segments. The essential characteristics used to diagnose the genus are discussed and a key to the genus is provided.

Quantum key distribution for 10 Gb/s dense wavelength division multiplexing networks

We demonstrate quantum key distribution (QKD) with bidirectional 10 Gb/s classical data channels in a single fiber using dense wavelength division multiplexing. Record secure key rates of 2.38 Mbps and fiber distances up to 70km are achieved. Data channels are simultaneously monitored for error-free operation. The robustness of QKD is further demonstrated with a secure key rate of 445 kbps over 25km, obtained in the presence of data lasers launching conventional 0 dBm power. We discuss the fundamental limit for the QKD performance in the multiplexing environment. © 2014 AIP Publishing LLC.

Investigation progress on key photonic integration for application in optical communication network

Proceeding from the consideration of the demands from the functional architecture of high speed, high capacity optical communication network, this paper points out that photonic integrated devices, including high speed response laser source, narrow band response photodetector high speed wavelength converter, dense wavelength multi/demultiplexer, low loss high speed response photo-switch and multi-beam coupler are the key components in the system. The, investigation progress in the laboratory will be introduced.

Formal specification and refinement of a safe train control function

Motivated by the design and development challenges of the BART case study, an approach for developing and analyzing a formal model for reactive systems is presented. The approach makes use of a domain specific language for specifying control algorithms able to satisfy competing properties such as safety and optimality. The domain language, called SPC, offers several key abstractions such as the state, the profile, and the constraint to facilitate problem specification. Using a high-level program transformation system such as HATS being developed at the University of Nebraska at Omaha, specifications in this modelling language can be transformed to ML code. The resulting executable specification can be further refined by applying generic transformations to the abstractions provided by the domain language. Problem dependent transformations utilizing the domain specific knowledge and properties may also be applied. The result is a significantly more efficient implementation which can be used for simulation and gaining deeper insight into design decisions and various control policies. The correctness of transformations can be established using a rewrite-rule based induction theorem prover Rewrite Rule Laboratory developed at the University of New Mexico.

RSA-Based Password-Authenticated Key Exchange, Revisited

The RSA-based Password-Authenticated Key Exchange (PAKE) protocols have been proposed to realize both mutual authentication and generation of secure session keys where a client is sharing his/her password only with a server and the latter should generate its RSA public/private key pair (e, n), (d, n) every time due to the lack of PKI (Public-Key Infrastructures). One of the ways to avoid a special kind of off-line (so called e-residue) attacks in the RSA-based PAKE protocols is to deploy a challenge/response method by which a client verifies the relative primality of e and φ(n) interactively with a server. However, this kind of RSA-based PAKE protocols did not give any proof of the underlying challenge/response method and therefore could not specify the exact complexity of their protocols since there exists another security parameter, needed in the challenge/response method. In this paper, we first present an RSA-based PAKE (RSA-PAKE) protocol that can deploy two different challenge/response methods (denoted by Challenge/Response Method1 and Challenge/Response Method2). The main contributions of this work include: (1) Based on the number theory, we prove that the Challenge/Response Method1 and the Challenge/Response Method2 are secure against e-residue attacks for any odd prime e; (2) With the security parameter for the on-line attacks, we show that the RSA-PAKE protocol is provably secure in the random oracle model where all of the off-line attacks are not more efficient than on-line dictionary attacks; and (3) By considering the Hamming weight of e and its complexity in the RSA-PAKE protocol, we search for primes to be recommended for a practical use. We also compare the RSA-PAKE protocol with the previous ones mainly in terms of computation and communication complexities.

授权策略集成关键技术研究

　　随着新兴分布式应用场景的不断涌现和企业组织受业务驱动影响下的安全需求逐步升级，传统访问控制手段和理念在诸如域间策略互操作、大规模策略处理、策略分析检测、访问判定实施效率、安全软件形态及开发模式等领域面临一系列的问题与挑战。本文基于这一现实背景和众多在研相关课题，针对访问授权策略集成涉及的若干关键技术展开理论研究和工程实践工作，主要取得了以下几个方面的成果： 1、对近年来域间互操作策略集成理论和技术的整体进展与演化进行细致梳理与剖析，从多维视角下对目前大量的域间授权互操作实现方案进行分类比较，详细分析典型方案的理论原理、技术优势和局限性，给出互操作策略集成理论发展的总体视图，概括了其基本特点和发展趋势。 2、在有向角色图的基础上提出一种具有动态自调节能力的域间映射规则演化模型，利用属性约束空间构建了节点间的演化语义，通过约束满足性系数和安全评定系数等相关的阈值评估实现映射规则调节机制，并给出完整的演化实施方案。解决了目前互操作场景中权限控制粒度过粗、映射关系不易改变以及缺乏演化语义等问题。 3、 基于规则状态思想提出面向XACML策略专有的规则冲突及规则冗余分析方法。该方案通过形式化推导分析了主体属性层次和资源属性层次操作关联导致的多种冲突类型及其本质原因，给出详细的冲突检测实施算法，实现冲突规则的域定位，利用状态覆盖思想分析造成规则冗余的原因，给出多种规则评估合并算法下的冗余判定定理。 4、针对策略规模缩减、高效策略索引等大规模策略处理的难点瓶颈，设计并实现了一种采用多层次优化技术的策略判定引擎。该引擎通过规则精化技术缩减策略库规模，利用判定结果缓存、属性缓存、策略缓存组成的多级缓存降低引擎和其他功能部件的通信损耗，基于两阶段策略索引技术提升策略检索及判定效率，通过仿真测试验证多层次优化技术带来的整体效率优势。 5、提出一种针对共性安全服务构件的开发组装和集成建模方法。利用面向切面编程、依赖注入、反射机制等技术搭建共性安全构件三层体系平台，通过BPEL语言编排安全服务构件的调用序列并设计安全访问业务流程，将构件开发与业务流程开发无缝结合，实现了快速拆卸、动态调整、实时组装的安全设施搭建平台。