Automated trust negotiation (ATN) is an approach to establishing mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing digitally signed credentials. In ATN, negotiation success conflicts with sensitive information protection: the two needs cannot both be given priority at the same time, which is a challenging problem to resolve. In this paper, a language-independent ATN framework, which is dynamic, flexible and adaptive, is presented to address this problem, ensuring negotiation success without sensitive information leakage. This framework is independent of the policy language used. However, the language used should be able to specify all kinds of sensitive information appearing in credentials and policies, and support the separation of attribute disclosure from credential disclosure. Thus definitions of new language features, which can be incorporated into existing policy languages, are given, enabling the language in use to support the capabilities mentioned above.
Fingerprint segmentation is one of the most important preprocessing steps in an automatic fingerprint identification system (AFIS). Accurate segmentation of a fingerprint will greatly reduce the computation time of the following processing steps and, most importantly, exclude many spurious minutiae located at the boundary of the foreground. In this paper, a new fingerprint segmentation algorithm is presented. First, two new features, block entropy and block gradient entropy, are proposed. Then, an AdaBoost classifier is designed to discriminate between foreground and background blocks based on these two features and five other commonly used features. The classification error rate (
A resynchronization attack is proposed on stream ciphers filtered by Maiorana-McFarland (M-M) functions and equipped with a linear resynchronization mechanism. The proposed attack utilizes the linear weakness of the resynchronization mechanism, the partial linearity of M-M functions, and applies the linear consistency test method to recover the secret key. It is shown that an M-M function should not be implemented by itself but rather in combination with other nonlinear components in stream ciphers using linear mechanisms to prevent the proposed attack. It is also shown that the use of linear resynchronization mechanisms should be avoided despite their high efficiency in stream ciphers filtered by M-M functions.
Digital fingerprinting is an emerging technology to protect multimedia data from piracy, where each distributed copy is labeled with unique identification information. In coded fingerprinting, each codeword of the anti-collusion code is used to represent a user’s fingerprint. In real-world applications, the number of potential users can be very large and hence, the used anti-collusion code should be easy to construct and have as many codewords as possible. This paper proposes a simple coded fingerprinting scheme, where the anti-collusion code is constructed with an identity matrix. The main advantage of our scheme is its simplicity, as a large number of fingerprints can easily be generated to accommodate a large number of users. To improve collusion resistance, some transformations are performed on the original fingerprint in the embedding phase and the corresponding inverse transformations are performed on the extracted sequence in the detection phase.
In today’s globalized digital world, network-based, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it is limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of the prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performance for supporting trusted computing and it can be used flexibly and portably by the user.
Web-based social networking is increasingly gaining popularity due to the rapid development of computer networking technologies. However, social networking applications still cannot obtain a wider acceptance by many users due to some unresolved issues, such as trust, security, and privacy. In social networks, trust is mainly studied in terms of whether a remote user behaves as expected by an interested user, as judged via other users; these are named the trustee, trustor, and recommenders, respectively. A trust graph consists of a trustor, a trustee, some recommenders, and the trust relationships between them. In this paper, we propose a novel FlowTrust approach to model a trust graph with network flows, and evaluate the maximum amount of trust that can flow through a trust graph using network flow theory. FlowTrust supports multi-dimensional trust. We use trust value and confidence level as two trust factors. We deduce four trust metrics from these two trust factors, which are maximum flow of trust value, maximum flow of confidence level, minimum cost of uncertainty with maximum flow of trust, and minimum cost of mistrust with maximum flow of confidence. We also propose three FlowTrust algorithms to normalize these four trust metrics. We compare our proposed FlowTrust approach with the existing RelTrust and CircuitTrust approaches. We show that all three approaches are comparable in terms of the inferred trust values. Therefore, FlowTrust is the best of the three since it also supports multi-dimensional trust.
Though the dominance-based rough set approach has been applied to interval-valued information systems for knowledge discovery, the traditional dominance relation cannot be used to describe the degree of dominance principle in terms of pairs of objects. In this paper, a ranking method of interval-valued data is used to describe the degree of dominance in the interval-valued information system. Therefore, the fuzzy rough technique is employed to construct the rough approximations of upward and downward unions of decision classes, from which one can induce
Description logics (DLs) are widely employed in recent semantic web application systems. However, classical description logics are limited when dealing with imprecise concepts and roles, thus providing the motivation for this work. In this paper, we present a type-2 fuzzy attributive concept language with complements (ALC) and provide its knowledge representation and reasoning algorithms. We also propose type-2 fuzzy web ontology language (OWL) to build a fuzzy ontology based on type-2 fuzzy ALC and analyze the soundness, completeness, and complexity of the reasoning algorithms. Compared to type-1 fuzzy ALC, type-2 fuzzy ALC can describe imprecise knowledge more meticulously by using the membership degree interval. We implement a semantic search engine based on type-2 fuzzy ALC and carry out experiments on real data to test its performance. The results show that the type-2 fuzzy ALC can improve the precision and increase the number of relevant hits for imprecise information searches.
In order to enable personalized natural interaction in service robots, artificial emotion is needed which helps robots to appear as individuals. In the emotion modeling theory of emotional Markov chain model (eMCM) for spontaneous transfer and emotional hidden Markov model (eHMM) for stimulated transfer, there are three problems: 1) Emotion distinguishing problem: whether adjusting parameters of the model has any effect on individual emotions; 2) How much effect the change makes; 3) The problem of different initial emotional states leading to different resultant emotions from a given stimulus. To solve these problems, a research method of individual emotional difference is proposed based on metric multidimensional scaling theory. Using a dissimilarity matrix, a scalar product matrix is calculated. Subsequently, an individual attribute reconstructing matrix can be obtained by principal component factor analysis. This can display individual emotion difference with low dimension. In addition, some mathematical proofs are carried out to explain experimental results. Synthesizing the results and proofs, corresponding conclusions are obtained. This new method provides guidance for the adjustment of parameters of emotion models in artificial emotion theory.
Stereo vision systems are widely used for autonomous robot navigation. Most of them apply local window based methods for real-time purposes. Normalized cross correlation (NCC) is notorious for its high computational cost, though it is robust to different illumination conditions between two cameras. It is rarely used in real-time stereo vision systems. This paper proposes an efficient normalized cross correlation calculation method based on the integral image technique. Its computational complexity has no relationship to the size of the matching window. Experimental results show that our algorithm can generate the same results as traditional normalized cross correlation with a much lower computational cost. Our algorithm is suitable for planet rover navigation.
The performance of online analytical processing (OLAP) is critical for meeting the increasing requirements of massive volume analytical applications. Typical techniques, such as in-memory processing, column-storage, and join indexes focus on high performance storage media, efficient storage models, and reduced query processing. While they effectively perform OLAP applications, there is a vital limitation: main-memory database based OLAP (MMOLAP) cannot provide high performance for a large size data set. In this paper, we propose a novel memory dimension table model, in which the primary keys of the dimension table can be directly mapped to dimensional tuple addresses. To achieve higher performance of dimensional tuple access, we optimize our storage model for dimension tables based on OLAP query workload features. We present directly dimensional tuple accessing (DDTA) based join (DDTA-JOIN), a technique to optimize query processing on the memory dimension table by direct dimensional tuple access. We also contribute by proposing an optimization of the predicate tree to shorten predicate operation length by pruning useless predicate processing. Our experimental results show that the DDTA-JOIN algorithm is superior to both simulated row-store main memory query processing and the open-source column-store main memory database MonetDB, thanks to the reduced join cost and simple yet efficient query processing.
Many structured peer-to-peer (P2P) systems supported by distributed hash table (DHT) schemas have been proposed recently to improve the scalability of distributed virtual application systems. By organizing the peers based on interconnection topologies, existing proposed schemas are purely based on the logical relationship without knowledge of the physical networks. In this paper, we propose a new structured DHT schema, which receives routing information not just from virtual neighbors in the P2P overlay network, but also from nearby physical neighbors. The average degree of our model is 5, and the diameter is logarithmic. The simulation shows that our model achieves shorter query path length, higher clustering, and better robustness than other overlay networks which have the same level of degree and diameter.