您的检索:
学者姓名:张建标
精炼检索结果:
年份
成果类型
收录类型
来源
综合
合作者
语言
清除所有精炼条件
摘要 :
Hybrid deployment of containers with different kernel types offers a novel solution for cloud service providers. While extensive research has been conducted on shared kernel containers, the security risks associated with diverse kernel types in hybrid deployment scenarios present more complex challenges. Establishing trusted relationships from hardware to containers for hybrid deployment has become a primary concern. Additional challenges include the lack of measurement and communication methods for independent kernel containers and insufficient dynamic measurement capabilities for containers. To address these issues, we propose a novel approach of achieving secure hybrid deployment of containers through the provision of trusted assurance in three layers: container infrastructure, container application environment, and container runtime. We propose the corresponding measurement schemes for each trust layer. Through functional verification and performance evaluation, we demonstrate that our architecture exhibits improved feasibility and effectiveness.
关键词 :
Docker Docker Trusted Measurement Trusted Measurement Kata containers Kata containers TEE TEE Cloud computing Cloud computing Container trust Container trust
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Han, Yufei , Li, Chao , Zhang, Jianbiao et al. DMSCTS: Dynamic measurement scheme for the containers-hybrid-deployment based on trusted subsystem [J]. | COMPUTERS & SECURITY , 2024 , 148 . |
| MLA | Han, Yufei et al. "DMSCTS: Dynamic measurement scheme for the containers-hybrid-deployment based on trusted subsystem" . | COMPUTERS & SECURITY 148 (2024) . |
| APA | Han, Yufei , Li, Chao , Zhang, Jianbiao , Wang, Yifan , Yu, Lehao , Cao, Yihao et al. DMSCTS: Dynamic measurement scheme for the containers-hybrid-deployment based on trusted subsystem . | COMPUTERS & SECURITY , 2024 , 148 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Cloud-edge architecture is an emerging technology that aims to meet the growing demands of intelligent applications. To address the issues of machine learning privacy leakages and benefiting from imbalanced data distribution, federated learning has been widely applied. Nevertheless, they present inherent vulnerabilities that make them vulnerable to poisoning attacks. Existing defense techniques are largely attack-rigid: they are designed to recognize client properties or model updates directly, aimed at specific attack scenarios or rules, but may not work well for critical feature patterns or flexible attack methods, mainly due to the potential influence of redundant features and model performance on defense. Yet few flexible defense methods have been developed. In this paper, we propose FlexibleFL, a flexible defense method against poisoning attacks in cloud-edge federated learning system (CEFL). The key idea of FlexibleFL is to evaluate the quality of uploaded model parameters and further determine the contribution of participants through an optimal threshold selection strategy. Based on these differences, FlexibleFL can thus implement penalties to potential attackers in a way that involves assigning the updated federated model. Extensive results demonstrate that our method has significant advantages in countering poisoning attacks in IID and Non-IID scenarios, and can effectively protect CEFL systems.
关键词 :
Contribution Contribution Cloud-edge computing Cloud-edge computing Poisoning attacks Poisoning attacks Defense strategy Defense strategy Federated learning Federated learning
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Zhao, Yaru , Cao, Yihao , Zhang, Jianbiao et al. FlexibleFL: Mitigating poisoning attacks with contributions in cloud-edge federated learning systems [J]. | INFORMATION SCIENCES , 2024 , 664 . |
| MLA | Zhao, Yaru et al. "FlexibleFL: Mitigating poisoning attacks with contributions in cloud-edge federated learning systems" . | INFORMATION SCIENCES 664 (2024) . |
| APA | Zhao, Yaru , Cao, Yihao , Zhang, Jianbiao , Huang, Haoxiang , Liu, Yanhui . FlexibleFL: Mitigating poisoning attacks with contributions in cloud-edge federated learning systems . | INFORMATION SCIENCES , 2024 , 664 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
The mobile cellular network provides internet connectivity for heterogeneous Internet of Things (IoT) devices. The cellular network consists of several towers installed at appropriate locations within a smart city. These cellular towers can be utilized for various tasks, such as e-healthcare systems, smart city surveillance, traffic monitoring, infrastructure surveillance, or sidewalk checking. Security is a primary concern in data broadcasting, particularly authentication, because the strength of a cellular network's signal is much higher frequency than the associated one, and their frequencies can sometimes be aligned, posing a significant challenge. As a result, that requires attention, and without information authentication, such a barrier cannot be removed. So, we design a secure and efficient information authentication scheme for IoT-enabled devices tomitigate the flaws in the e-healthcare system. The proposed protocol security shall check formally using the Real-or-Random (ROR) model, simulated using ProVerif2.03, and informally using pragmatic discussion. In comparison, the performance phenomenon shall tackle by the already result available in the MIRACL cryptographic lab.
关键词 :
IoT-enable device IoT-enable device e-healthcare e-healthcare authentication authentication edge computing edge computing
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Khan, Naveed , Zhang, Jianbiao , Mallah, Ghulam Ali et al. A Secure and Efficient Information Authentication Scheme for E-Healthcare System [J]. | CMC-COMPUTERS MATERIALS & CONTINUA , 2023 , 76 (3) : 3877-3896 . |
| MLA | Khan, Naveed et al. "A Secure and Efficient Information Authentication Scheme for E-Healthcare System" . | CMC-COMPUTERS MATERIALS & CONTINUA 76 . 3 (2023) : 3877-3896 . |
| APA | Khan, Naveed , Zhang, Jianbiao , Mallah, Ghulam Ali , Chaudhry, Shehzad Ashraf . A Secure and Efficient Information Authentication Scheme for E-Healthcare System . | CMC-COMPUTERS MATERIALS & CONTINUA , 2023 , 76 (3) , 3877-3896 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
In the cloud environment, the virtual computing node has become the dominant form of cloud services used by users. Hence, it is increasingly critical to guarantee the trusted operation of the virtual computing node's operating system (VCNOS). However, previous schemes suffer a lot, such as insufficient consideration of the comprehensive of the measured objects, ignoring the dynamic of trusted, and the trusted measurement mech-anisms rarely consider their security. Thus, a three-dimensional dynamic trusted measurement model SABDTM, which integrates the integrity measurement of kernel static data, trusted evaluation of operating system behavior (OSB), and the feedback trust of interacting nodes, is proposed. First, SABDTM divided OSB into multiple atomic behaviors and introduced the Bayesian decision theory to predict trusted expectations of OSBs. Second, the feedback trust of interacting nodes is considered to improve the comprehensiveness of the trusted measurement and evaluate its value based on the Euclidean distance function to reduce the impact of inaccurate feedback from malicious nodes. Subsequently, we set the appropriate weight for trusted measurement values of different mo-ments based on Induced Ordered Weighted Averaging to accurately portray the actual state of VCNOS. Moreover, we designed a lightweight and independent subsystem to perform the trusted measurement, which guarantees the security of the measurement service. The security of our model is proved rigorously based on the non-interference theory. Finally, the experiments and comparative analysis demonstrated our model has better functionality and superiority.
关键词 :
Virtual computing node Virtual computing node Kernel static data Kernel static data Operating system behavior Operating system behavior Feedback trust Feedback trust Trusted measurement Trusted measurement
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Huang, Haoxiang , Zhang, Jianbiao , Zhang, Lei et al. SABDTM: Security-first architecture-based dynamic trusted measurement scheme for operating system of the virtual computing node [J]. | COMPUTERS & SECURITY , 2023 , 137 . |
| MLA | Huang, Haoxiang et al. "SABDTM: Security-first architecture-based dynamic trusted measurement scheme for operating system of the virtual computing node" . | COMPUTERS & SECURITY 137 (2023) . |
| APA | Huang, Haoxiang , Zhang, Jianbiao , Zhang, Lei , Hu, Jun , Cao, Yihao . SABDTM: Security-first architecture-based dynamic trusted measurement scheme for operating system of the virtual computing node . | COMPUTERS & SECURITY , 2023 , 137 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Federated learning has gained popularity as it enables collaborative training without sharing local data. Despite its advantages, federated learning requires sharing the model parameters during model aggregation which poses security risks. In addition, existing secure federated learning frameworks cannot meet all the requirements of resource-constrained IoT devices and non-independent and identically distributed (non-IID) setting. This paper proposes a novel secure and robust federated learning framework (SRFL) with trusted execution environments (TEEs). The framework provides security and robustness for federated learning on IoT devices under non-IID data by leveraging TEEs to safeguard sensitive model components from being leaked. Simultaneously, we introduce a shared representation training approach to enhance the accuracy and security under non-IID setting. Furthermore, a multi-model robust aggregation method using membership degree is proposed to enhance robustness. This method uses membership degree generated by soft clustering to categorize clients for better aggregation performance. Additionally, we evaluate SRFL in a simulation environment, confirming that it improves accuracy by 5%-30% over FedAVG in non-IID setting and protects the model from membership inference attack and Byzantine attack. It also reduces backdoor attack success rate by 4%-10% more compared to other robust aggregation algorithms.
关键词 :
Federated learning Federated learning Trusted execution environments Trusted execution environments Privacy-preserving Privacy-preserving IoT IoT Robust aggregation Robust aggregation
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Cao, Yihao , Zhang, Jianbiao , Zhao, Yaru et al. SRFL: A Secure & Robust Federated Learning framework for IoT with trusted execution environments [J]. | EXPERT SYSTEMS WITH APPLICATIONS , 2023 , 239 . |
| MLA | Cao, Yihao et al. "SRFL: A Secure & Robust Federated Learning framework for IoT with trusted execution environments" . | EXPERT SYSTEMS WITH APPLICATIONS 239 (2023) . |
| APA | Cao, Yihao , Zhang, Jianbiao , Zhao, Yaru , Su, Pengchong , Huang, Haoxiang . SRFL: A Secure & Robust Federated Learning framework for IoT with trusted execution environments . | EXPERT SYSTEMS WITH APPLICATIONS , 2023 , 239 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
无线传感器网络的故障发现和快速报警的方法属于无线传感器网络运行领域,其特征在于,是一个由中控节点和所有无线传感器共同组成的中心辐射网以及一个由各存储服务器彼此通过光缆连成的蠕虫网经各无线传感器上下串接而成的组合网中实现的。空闲时,中央控制器发出一组启动脉冲分别经各探头上的输入信号增强器去启动各无线传感器,中控节点便以是否收到应答信号来一次性地发现网络中所有的故障节点;正常运行时,任何两个相邻节点不仅以最快速度在最短路径下传递信息并通过蠕虫网或/和中心辐射网发向中控节点或其它节点,还能在传递时主动呼叫下一节点来发现故障节点,从而实现全过程检测。
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | 张建标 , 李跃华 , 崔玲 et al. 一种无线传感器网络的故障发现和快速报警的方法 : CN202210020586.2[P]. | 2022-01-10 . |
| MLA | 张建标 et al. "一种无线传感器网络的故障发现和快速报警的方法" : CN202210020586.2. | 2022-01-10 . |
| APA | 张建标 , 李跃华 , 崔玲 , 公备 . 一种无线传感器网络的故障发现和快速报警的方法 : CN202210020586.2. | 2022-01-10 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
云存储中虚拟机容器架构的远程可信运行的控制方法属于容器架构可信运行领域,其特征在于实体机借助主、客体度量值模块形成本地发明人和应用程序的度量值载入本地样本数据库,再由访问控制模块对本地客户进行主、客体身份验证,合格后再由客体在CPUS和虚拟机CPUV之间客体的地址映射表经双通道通信线路发往两个CPUV所在的中控节点以最短路径发往非特许或特许存储小区内相应节点CPUm,从容器内对应地址中取出,发回CPUS,转发本单位客户。蠕虫网形式的容器架构的两个CPUV,在非特许小区的左下角,形成中控节点,为地址起点,而特许小区的地址起点设在右上角,二者分别沿容器轴向的增址或减址,具有:系统与用户,特许与非特许小区间隔离好,网内传输快的优点。
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | 张建标 , 王艳 , 韩现群 et al. 云存储中虚拟机容器架构的远程可信运行的控制方法 : CN202210086193.1[P]. | 2022-01-25 . |
| MLA | 张建标 et al. "云存储中虚拟机容器架构的远程可信运行的控制方法" : CN202210086193.1. | 2022-01-25 . |
| APA | 张建标 , 王艳 , 韩现群 , 公备 . 云存储中虚拟机容器架构的远程可信运行的控制方法 : CN202210086193.1. | 2022-01-25 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
With the development of the Internet of Things (IoT) and its applications, a large amount of data is gen-erated regularly. If this information is used by malicious attackers, it will be a great disaster for the rel-evant users. In this regard, this article focuses on the user's identity privacy issues involved in the IoT. By protecting the user's identity privacy, the attacker cannot associate the obtained data with the user's real identity, and so achieve the purpose of protecting the user. This article uses the features of blockchain that cannot be tampered with nor forged to strengthen the reliability of the system. The proposed scheme saves the transaction information of user information through the Hyperledger and uses the ring signa-ture method to obscure the real identity. A key generator is used to generate system public parameters and ring membership information required for signature. Users can use this information to hide their identity in a ring group of n users so that other users can only guess the true identity of the user with a probability of 1/n. Additionally, the method of aggregated signature is used to shorten the time and space required fork signature verification to 1/k, which greatly improves the efficiency. Finally, this arti-cle also uses an accountability mechanism to punish some attackers who attempt to waste system resources by revealing the real identity of the attacker and refusing to serve him. In this paper, GO lan-guage is used to write chain code to realize the proposed algorithm, and a prototype system is built through HyperLeger Fabric blockchain network, and the prototype system is verified by experiment. The correctness and efficiency of the above scheme are also proved through theoretical analysis and experiments.(c) 2022 The Author(s). Published by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
关键词 :
Aggregate Signature Aggregate Signature Internet of Things Internet of Things Identity Privacy Identity Privacy Ring Signature Ring Signature Hyperledger Fabric Hyperledger Fabric
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Liu, Yanhui , Zhang, Jianbiao , Pathan, Muhammad Salman et al. Research on identity authentication system of Internet of Things based on blockchain technology [J]. | JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES , 2022 , 34 (10) : 10365-10377 . |
| MLA | Liu, Yanhui et al. "Research on identity authentication system of Internet of Things based on blockchain technology" . | JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES 34 . 10 (2022) : 10365-10377 . |
| APA | Liu, Yanhui , Zhang, Jianbiao , Pathan, Muhammad Salman , Yuan, Yijian , Zhang, Puzhe , Maroc, Sarah et al. Research on identity authentication system of Internet of Things based on blockchain technology . | JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES , 2022 , 34 (10) , 10365-10377 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Searchable symmetric encryption (SSE) provides an effective way to search encrypted data stored on untrusted servers. When the server is not trusted, it is indispensable to verify the results returned by it. However, the existing SSE schemes either lack fairness in the verification of search results, or do not support the verification of multiple keywords. To address this, we designed a multi-keyword verifiable searchable symmetric encryption scheme based on blockchain, which provides an efficient multi-keyword search and fair verification of search results. We utilized bitmap to build a search index in order to improve search efficiency, and used blockchain to ensure fair verification of search results. The bitmap and hash function are combined to realize lightweight multi-keyword search result verification, compared with the existing verification schemes using public key cryptography primitives, our scheme reduces the verification time and improves the verification efficiency. In addition, our scheme supports the dynamic update of files and realizes the forward security in update. Finally, formal security analysis proves that our scheme is secure against Chosen-Keyword Attacks (CKA), experimental analysis demonstrations that our scheme is efficient and viable in practice.
关键词 :
Result verification Result verification Blockchain Blockchain Symmetric searchable encryption Symmetric searchable encryption Multi-keyword search Multi-keyword search
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Xu, Wanshan , Zhang, Jianbiao , Yuan, Yilin et al. Towards efficient verifiable multi-keyword search over encrypted data based on blockchain [J]. | PEERJ COMPUTER SCIENCE , 2022 , 8 . |
| MLA | Xu, Wanshan et al. "Towards efficient verifiable multi-keyword search over encrypted data based on blockchain" . | PEERJ COMPUTER SCIENCE 8 (2022) . |
| APA | Xu, Wanshan , Zhang, Jianbiao , Yuan, Yilin , Wang, Xiao , Liu, Yanhui , Khalid, Muhammad Irfan . Towards efficient verifiable multi-keyword search over encrypted data based on blockchain . | PEERJ COMPUTER SCIENCE , 2022 , 8 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
云计算、物联网和移动互联网等新型计算模式的出现,使得域间相互访问以及数据共享的需求不断扩大,而目前"中心化"的传统访问控制技术所显现出的访问控制策略执行不透明、动态数据管理不灵活、资源拥有者自主性差,使其难以满足海量、动态和分布的新型计算模式.提出了一种以ABAC模型为基础、以区块链为交互方式的域间访问控制模型.介绍了ABAC模型和区块链的技术原理、特点、研究现状,详细阐述了模型框架,对ABAC模型进行了形式化定义;同时,对模型中的智能合约进行了具体描述,给出了本模型在具体场景中的应用和具体的访问控制流程;最后对比了现有的研究方案.该模型可以为域间访问提供标准化的安全、便捷、自主且细粒度的访问...
关键词 :
区块链 区块链 数据共享 数据共享 访问控制 访问控制 跨域 跨域 ABAC ABAC
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | 张建标 , 张兆乾 , 徐万山 et al. 一种基于区块链的域间访问控制模型 [J]. | 软件学报 , 2021 , 32 (05) : 1547-1564 . |
| MLA | 张建标 et al. "一种基于区块链的域间访问控制模型" . | 软件学报 32 . 05 (2021) : 1547-1564 . |
| APA | 张建标 , 张兆乾 , 徐万山 , 吴娜 . 一种基于区块链的域间访问控制模型 . | 软件学报 , 2021 , 32 (05) , 1547-1564 . |
| 导入链接 | NoteExpress RIS BibTex |
导出
| 数据: |
选中 到 |
| 格式: |
