CN105827521B - E-mail based on SDN denies source and inhibits system and its suppressing method - Google Patents

E-mail based on SDN denies source and inhibits system and its suppressing method Download PDF

Info

Publication number
CN105827521B
CN105827521B CN201610392300.8A CN201610392300A CN105827521B CN 105827521 B CN105827521 B CN 105827521B CN 201610392300 A CN201610392300 A CN 201610392300A CN 105827521 B CN105827521 B CN 105827521B
Authority
CN
China
Prior art keywords
mail
module
denial
behavior
flow table
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201610392300.8A
Other languages
Chinese (zh)
Other versions
CN105827521A (en
Inventor
韩志耕
冯霞
陈耿
王良民
熊琴琴
孙玉星
景波
刘林源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANJING AUDIT UNIVERSITY
Original Assignee
NANJING AUDIT UNIVERSITY
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NANJING AUDIT UNIVERSITY filed Critical NANJING AUDIT UNIVERSITY
Priority to CN201610392300.8A priority Critical patent/CN105827521B/en
Publication of CN105827521A publication Critical patent/CN105827521A/en
Application granted granted Critical
Publication of CN105827521B publication Critical patent/CN105827521B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention discloses a kind of e-mail denial source inhibition system and its suppressing method based on SDN, including data plane, Forwarding plane and control plane;The data plane is implemented to follow the tradition e-mail interaction of SMTP and POP3 agreement, including SMTP client, SMTP server-side, POP3 client and POP3 server-side;It controls plane and forms e-mail according to previously e-mail interbehavior from data plane and deny and inhibit strategy, including behavior evidence obtaining module, deny detection module, deny evaluation module, denying prediction module and strategy is inhibited to form module;Forwarding plane inhibits strategy to form flow table according to the denial from control plane, and is forwarded control, including flow table computing module and forward process module to the current e-mail interaction occurred in data plane based on the flow table.The present invention inhibits logical AND e-mail interaction data logic implementation decoupling by denying to e-mail, realizes that the source to e-mail denial behavior inhibits in a manner of closed loop On-line Control, and the interactive sincere and safety of e-mail can be improved.

Description

E-mail based on SDN denies source and inhibits system and its suppressing method
Technical field
The present invention relates to network safety fileds, and in particular to a kind of e-mail based on SDN deny source inhibit system and its Suppressing method.
Background technique
Email is one of the network service that application surface is most wide on internet.Although past ten years its as people The essential attribute of intercourse platform is constantly weakened between people, but the seriousness of Email problem discussion and communication note The advantages such as the legal effect of record make it still and remain biggish application surface.It is aobvious according to 2014 annual report of Gartner magic power quadrant Show, the seriousness of Email topic carries out current 80% work interaction mainly by Email.Email is logical The legal effect of letter makes it in the fields such as E-Government and the electronics administration of justice there are the tools such as instant messaging and social networks can not look forward to And critical role.Even if Email is not using up for row yet, and it is to obtain that 2013 online afterwards in mobile internet era now The Ping application of favorable comment is exactly fabulous illustration.It is urgently solved nevertheless, the development of Email still faces many safety problems Certainly, it is exactly one of them that e-mail, which is denied,.
E-mail deny refer to it is true to the interaction of previous mail disallow or approve, including mail sends and denies and mail It receives and denies.In con-ventional post system, the conventional means for inhibiting mail to deny is that vouchered postal material increment is provided for vital document Service, postal operator is by providing mail to according to proving that mailer sent the mail, passes through reception in sometime point Manpower signs to prove that the mail has successfully been submitted.The major technique for inhibiting e-mail to deny in electronic world is to sign for electricity Postal, the technology is by the way that liberally exchange transfers information and resisting denying evidence by telegram to guarantee that e-mail is denied between mistrustful receiving-transmitting sides It is traceable.However, being limited by current Generation Internet, existing e-mail technology of signing for is only capable of denying e-mail the subsequent hair of implementation It is existing, source inhibition can not be given.Generally, the denial behavior found afterwards may prove effective, perhaps to honest user It is endangered through being formed;For the interests of the honest e-mail user of protection, there is an urgent need to develop e-mail to deny source suppression technology so as to right Source prevention is implemented in the denial behavior not yet to prove effective.However this can not achieve a solution in current internet architectural framework, study carefully it The reason is that, subsequent discovery interactive to e-mail need not be intervened online, but source inhibits that e-mail interaction must be applied online Control, however the forfeiture of current internet system manageability can not but provide safeguard thus.
E-mail denies source and inhibits to be that source inhibits that e-mail interbehavior need to be implemented with the essential difference found afterwards On-line Control need to can will shift to an earlier date before e-mail denial behavior is not yet had an effect for the inhibition strategy of the denial behavior E-mail interaction is acted on, to avoid the generation of the denial behavior in time.Can the process effectively be realized dependent on network system Whether manageability is had, i.e. whether network system has the energy for allowing and denying and tactful (control strategy) being inhibited to change e-mail interaction Power.Network control logic and mathematical logic are carried out binding design by conventional internet system, and various decision logic intertextures are mingled in Generated nonlinear interaction causes network uncontrollable together.As the new technology of innovation internet, software defined network SDN is logical Cross and network control logic and mathematical logic removed, realize the property managed of network system, and derive much at The application of function, this denies the realization that source inhibits for e-mail and provides technical support.
Summary of the invention
Goal of the invention: it is an object of the invention to solve the deficiencies in the prior art, a kind of electricity based on SDN is provided Postal denies source and inhibits system and its suppressing method, inhibits logic to solve by that will transfer the e-mail of interaction data logical AND by telegram and deny Coupling realizes that the source of e-mail denial behavior inhibits.
Technical solution: a kind of e-mail based on SDN of the invention denies source and inhibits system, including data plane, forwarding Plane and control plane;The data plane is implemented to follow the tradition e-mail interaction of SMTP and POP3 agreement, including SMTP client End, SMTP server-side, POP3 client and POP3 server-side;Plane is controlled according to the e-mail interaction row previously from data plane To form e-mail denial inhibition strategy, including behavior evidence obtaining module, denial detection module, denial evaluation module, denial prediction mould Block and inhibition strategy form module;Forwarding plane foundation inhibits strategy to form flow table from the denial of control plane, and being based on should Flow table is forwarded control, including flow table computing module and forward process mould to the current e-mail interaction occurred in data plane Block;The e-mail interaction and POP3 client that the SMTP client is initiated to SMTP server-side are initiated to transfer by telegram to POP3 server-side Interaction, forward process module interact data delivery control to both the above e-mail interaction according to current flow table, and will be related Data delivery event is committed to behavior evidence obtaining module, and behavior collects evidence module to the progress resisting denying binding of data delivery event, and will As a result denial detection module is submitted in the form of transferring evidence by telegram and carries out denial detection, is denied evaluation module assessment and is denied detection mould Assessment result is simultaneously submitted to denial prediction module in the form that malice is denied by the testing result of block, is inhibited strategy to form module and is received Formed to deny after to the prediction result for denying prediction module and inhibit strategy and be committed to flow table computing module, flow table computing module according to Inhibit strategy that e-mail data delivery flow table is adjusted according to denying, and the new flow table after adjusting is supplied to forward process mould Block is used to control the e-mail interaction of next round.
Further, the SMTP client and POP3 client are that SMTP association is followed under TCP/IP Generation Internet respectively The e-mail of view sends agency and follows the e-mail Receiving Agent (such as Foxmail and Outlook Express etc.) of POP3 agreement, SMTP client and POP3 client be e-mail system user interface realize the e-mail editor of user terminal, send, receive with it is interior Hold the functions such as browsing;The SMTP server-side and POP3 server-side be respectively under TCP/IP Generation Internet provide SMTP service and POP3 service software and hardware facilities general name, respectively to the e-mail from SMTP client and go to POP3 client e-mail carry out Transfer.
Further, the flow table computing module inhibits policy calculation to go out to transfer data by telegram according to the denial from control plane Flow table is submitted, and is submitted to forward process module;The forward process module is according to flow table to the electricity from data plane Postal data carry out submitting control, thus achieve the purpose that e-mail deny source inhibit, such as by SMTP client with Submitting for SMTP server-side e-mail data forbids coming source inhibition e-mail transmission denial or by POP3 client and POP3 Submitting for server-side e-mail data forbids coming source inhibition e-mail reception denial etc..
Further, the behavior evidence obtaining module is using undeniable technology to the electricity perceived from forward process module Postal interbehavior carries out resisting denying binding, and binding result is submitted to denial detection module in the form of transferring evidence by telegram;It is described It denies detection module and denial detection is carried out to the e-mail entity behavior of signing for according to the e-mail evidence from behavior evidence obtaining module, and will Testing result submits to denial evaluation module in the form of transferring denial by telegram;The denial evaluation module is to from denial detection module E-mail deny and carry out risk assessment, and will be provided with the denial behavior of harmfulness in the form that malice is denied to submit to denial pre- Survey module;It is described deny prediction module to malice deny diffusion situation and evolution trend predict, and by prediction result with The form for denying situation submits to inhibition strategy and forms module;It is sincere most from the e-mail system overall situation that the inhibition strategy forms module Stabilisation angle, which is set out, makes denial Restrain measurement, and inhibits the form of strategy to submit to flow table calculating to deny its result Module.
The suppressing method that source inhibits system is denied in the e-mail that the invention also discloses above-mentioned based on SDN, successively include with Lower step:
(1) forward process module initiates SMTP client to SMTP server-side according to current flow table e-mail interaction and The e-mail interaction that POP3 client is initiated to POP3 server-side carries out data delivery and controls to realize to potential e-mail denial behavior Source inhibit, potential e-mail denial behavior, then submit failure, go to step (1) if it exists;Row is denied in potential e-mail if it does not exist Then to submit success, executing step (2);
(2) forward process module will occur in data delivery event thereon to submit to control in the form of the behavior of transferring by telegram flat The behavior evidence obtaining module in face;
(3) after behavior evidence obtaining module receives the data of forward process module, using undeniable technology to flat from forwarding Resisting denying binding is implemented in the e-mail behavior in face, and binding result is submitted to denial detection module in the form of transferring evidence by telegram;
(4) it denies detection module and carries out denial detection according to the e-mail evidence from behavior evidence obtaining module, and will test knot Fruit submits to denial evaluation module in the form of transferring denial by telegram;Deny detection method be by from e-mail evidence in it is counter derive to True e-mail behavior and e-mail entity declared sign for behavior carry out comparison of coherence transferred by telegram if inconsistent It denies;
(5) it denies evaluation module and progress risk assessment, and the form that assessment result is denied with malice is denied to e-mail Submit to denial prediction module;Risk assessment is to deny sign for reliability calculating to e-mail, and weigh based on reliability is signed for Density of infection is denied in amount e-mail;The big e-mail denial of harmfulness is defined as malice to deny;
(6) deny prediction module using link Predicting Technique to malice deny e-mail connected space in diffusion situation with Evolution trend is predicted, and prediction result is submitted to inhibition strategy in the form of denying situation and forms module;Supporting herein Bad situation is by e-mail entity and to sign for the two-dimensional vector matrix that reliability constitutes;
(7) inhibit strategy to form module to formulate according to denial situation from the global sincere angle that most stabilizes of e-mail system Restrain measurement is denied, and inhibits the form of strategy to submit to flow table computing module to deny scenario outcomes;
(8) flow table computing module is adjusted existing e-mail data delivery flow table according to inhibition strategy is denied, and will New flow table is supplied to forward process module for controlling the e-mail data interaction of next round.Interaction is transferred by telegram in next round When, go to step (1).
Further, when the e-mail evidence in the step (3) is association e-mail behavior participant, interaction content and interaction Between anti-tamper cryptography evidence.
Further, the behavior of signing in described (4) is to transfer entity by telegram externally to declare implemented e-mail behavior;Including Honesty is declared or is disallowed;It is no that the e-mail denial refers to that e-mail entity gives the e-mail behavior implemented already for private interests Recognize, generally including e-mail transmission denial, (such as sender has sent e-mail to recipient, but sender denies once being transmitted across electricity afterwards Postal is to recipient) and e-mail receive and deny that (such as recipient receives the e-mail of sender's transmission, but recipient denies once receiving afterwards The e-mail to come over from sender).
Further, the reliability of signing in the step (5) is that the public signs for behavior to e-mail entity in e-mail system Sincere degree of recognition;It includes signing for reliability just to estimate and sign for reliability revaluation that this, which signs for reliability appraisal procedure,;Wherein, reliability is signed for just to estimate Preliminary iotave evaluation is carried out only in accordance with current denial testing result;Signing for reliability revaluation is comprehensive history evaluation to current original Begin to evaluate recalculates.
The utility model has the advantages that compared with prior art, the invention has the following advantages that
(1) present invention follow the SDN theory that control is mutually separated with data, by will transfer denial inhibition logic be embedded into it is soft Part definition e-mail control logic, realizes the On-line Control to potential e-mail denial behavior, breaches existing Generation Internet frame Structure because controllability lack caused by e-mail deny be only capable of afterwards detect due to can not source inhibit technical bottleneck.
(2) for the present invention without destroying traditional Email interaction models, this supports the e-mail realized based on the present invention Source is relied to inhibit system can be with the e-mail network infrastructure of current widespread deployment compatible with enormously simplifying the present invention The cost and complexity of system deployment.
In conclusion the present invention inhibits logical AND e-mail interaction data logic progress decoupling by denying to e-mail, with The mode of closed loop On-line Control realizes that the source to e-mail denial behavior inhibits, and improves the sincerity and safety of e-mail interaction.
Detailed description of the invention
Fig. 1 is the method for the present invention structure and process flow diagram;
Fig. 2 is the network deployment diagram of the embodiment of the present invention;
Fig. 3 signs for behavior injection model schematic diagram for the embodiment of the present invention;
Fig. 4 is 12 kinds of comparative result schematic diagrams for signing for reliability assessment of the embodiment of the present invention;
Fig. 5 is that the collusion of the embodiment of the present invention influences height analysis comparison schematic diagram to Approximation;
Fig. 6 (a) illustrates without collusion without e-mail denial source inhibition assay result under calumny scene for the embodiment of the present invention Figure;
Fig. 6 (b) is that having without collusion for the embodiment of the present invention transfers denial source inhibition assay result signal by telegram under calumny scene Figure;
Fig. 6 (c) is that having for the embodiment of the present invention is conspired without e-mail denial source inhibition assay result signal under calumny scene Figure;
Fig. 6 (d) has collusion to have e-mail under calumny scene to deny the signal of source inhibition assay result for the embodiment of the present invention Figure;
Fig. 7 is that recall rate, precision rate and harmonic-mean schematic diagram are denied in the e-mail of the embodiment of the present invention;
Fig. 8 (a) is pressing down without present system under calumny scene to the source that e-mail is denied without collusion for the embodiment of the present invention It makes and signs for transfer the subsequent inhibition assay result contrast schematic diagram for denying e-mail by telegram;
Fig. 8 (b) has the source suppression that present system denies e-mail under calumny scene without collusion for the embodiment of the present invention It makes and signs for transfer the subsequent inhibition assay result contrast schematic diagram for denying e-mail by telegram;
Fig. 8 (c) has source suppression of the collusion without present system under calumny scene to e-mail denial for the embodiment of the present invention It makes and signs for transfer the subsequent inhibition assay result contrast schematic diagram for denying e-mail by telegram;
Fig. 8 (d) has collusion to have present system under calumny scene to press down the source that e-mail is denied for the embodiment of the present invention It makes and signs for transfer the subsequent inhibition assay result contrast schematic diagram for denying e-mail by telegram.
Specific embodiment
Technical solution of the present invention is described in detail in conjunction with the accompanying drawings and embodiments below.
As shown in Figure 1, source is denied in a kind of e-mail based on SDN of the invention inhibits system, including data plane, forwarding Plane and control plane;The data plane implementation follows the e-mail of SMTP and POP3 agreement tradition and interacts, including SMTP client, SMTP server-side, POP3 client and POP3 server-side;Plane is controlled according to the previously e-mail interbehavior from data plane It is formed and transfers denial inhibition strategy by telegram, including behavior evidence obtaining module, denial detection module, denial evaluation module, denial prediction module Module is formed with inhibiting tactful;Forwarding plane inhibits strategy to form flow table according to the denial from control plane, and is based on the stream Table is forwarded control, including flow table computing module and forward process module to the current e-mail interaction occurred in data plane; The e-mail interaction and POP3 client that the SMTP client is initiated to SMTP server-side are initiated e-mail to POP3 server-side and are handed over Mutually, the control of forward process module interacts data delivery control to both the above e-mail interaction, and related data is submitted thing Part is committed to behavior evidence obtaining module, denies detection module and carries out denying the e-mail card that binding is denied in detection by behavior evidence obtaining module According to, deny evaluation module assessment deny detection module testing result and by assessment result with malice deny form submit to Rely prediction module, inhibition tactful formed forms denial inhibition strategy after module receives the prediction result for denying prediction module and submit To flow table computing module, flow table computing module is adjusted existing e-mail data delivery flow table according to inhibition strategy is denied, And new flow table is supplied to the e-mail interaction that forward process module is used to control next round.
It is above-mentioned based on SDN e-mail deny source inhibit system suppressing method, successively the following steps are included:
(1) forward process module initiates SMTP client to SMTP server-side according to current flow table e-mail interaction and The e-mail interaction that POP3 client is initiated to POP3 server-side carries out data delivery and controls to realize to potential e-mail denial behavior Source inhibit, potential e-mail denial behavior, then submit failure, go to step (1) if it exists;Row is denied in potential e-mail if it does not exist Then to submit success, executing step (2);
(2) forward process module will occur in data delivery event thereon to submit to control in the form of the behavior of transferring by telegram flat The behavior evidence obtaining module in face;
(3) after behavior evidence obtaining module receives the data of forward process module, using undeniable technology to flat from forwarding Resisting denying binding is implemented in the e-mail behavior in face, and binding result is submitted to denial detection module in the form of transferring evidence by telegram;
(4) it denies detection module and carries out denial detection according to the e-mail evidence from behavior evidence obtaining module, and will test knot Fruit submits to denial evaluation module in the form of transferring denial by telegram;The method for denying detection is will transfer the associated binding of evidence true The behavior progress comparison of coherence of signing for of real e-mail behavior and e-mail entity is denied if inconsistent;
(5) it denies evaluation module and progress risk assessment, and the form that assessment result is denied with malice is denied to e-mail Submit to denial prediction module;Risk assessment is to deny sign for reliability calculating to e-mail, and weigh based on reliability is signed for Density of infection is denied in amount e-mail;The big e-mail denial of harmfulness is defined as malice to deny;
(6) deny prediction module using link Predicting Technique to malice deny e-mail connected space in diffusion situation with Evolution trend is predicted, and prediction result is submitted to inhibition strategy in the form of denying situation and forms module;Supporting herein Bad situation is by e-mail entity and to sign for the two-dimensional vector matrix that reliability constitutes;
(7) inhibit strategy to form module to support according to denial situation from the global sincere most stable angle formulation of e-mail system Rely Restrain measurement, and inhibits the form of strategy to submit to flow table computing module to deny scenario outcomes;
(8) flow table computing module is adjusted current e-mail data delivery flow table according to inhibition strategy is denied, with new The form of flow table be supplied to forward process module for controlling the e-mail data interaction of next round.Interaction hair is transferred by telegram in next round When raw, (1) is gone to step.
Core link in the above process is behavior evidence obtaining, denies detection, deny assessment, denies prediction and inhibit tactful shape At the specific working principle is as follows:
(1) behavior is collected evidence, i.e., it is secret to carry out two-way feature end to end while unidirectional end-to-end e-mail content transmitting Exchange, used behavior evidence binding mechanism include 3 agreements, are that main agreement and abort and resolve two are auxiliary respectively Help agreement.Related symbol is described as follows:
A, B, TTP, M: e-mail sender, intended recipient Bi set, trusted third party, e-mail content;
B ': the Bi set of successful execution main agreement step 2, is B subset;
B "=B-B ': gathered by the A Bi for cancelling the power of reception, be B subset;
B " _ cancelled: gathered by the TTP Bi for cancelling the power of reception, be B " subset;
B " _ finished: resolve agreement of seeking help is restored to receive the Bi set of power, is B subset;
SX(M): digital signature of the entity X to M;
PX(M),EK(M): asymmetric encryption being carried out to M with entity X public key, symmetric cryptography is carried out to M with key K;
PB(M)=PB1(M),PB2(M) ...=EK(M),PB1(K),PB2(K) ...: set B carries out group's encryption to M;
Z=PTTP(A,B,PB(M)): feature secret Z;
L=h (M): agreement wheel fresh tag, h are one-way Hash function.
In normal conditions: main agreement, which is used only, in e-mail evidence binding can be completed, and participate in without TTP.
Main agreement:
1.Z,L,SA(Z,L);
2.Bi→A:L,SBi(Z,L);
3.PB′(M),L.
Z exchange is abnormal: if A has executed the feedback label for not receiving certain set Bi ∈ (B "=B-B ') after main agreement walks 1 Name SBi(Z, L), A execute abort agreement to abandon the interaction with these Bi.
Abort agreement:
1′.A→TTP:PTTP(B″),Z,L,SA(cancel,B″,Z,L);
2′.TTP:for(all Bi∈B″){
if(Bi∈B″_finished)then retrieves SBi(Z,L);
else appends Bi into B″_cancelled.}
3′.TTP→A:all retrieved SBi(Z,L),B″_cancelled,STTP(B″_cancelled,Z,L),L.
M transmitting is abnormal: if Bi does not receive P after having executed main agreement step 2Bi(M) or M is tampered, and resolve can be performed in Bi Agreement is to restore interactive.
Resolve agreement:
1″.Bi→TTP:Z,L,SBi(Z,L);
if(Bi∈B″_cancelled)then
2′.TTP→Bi:B″_cancelled,STTP(B″_cancelled,Z,L),L;
else{2′.TTP→Bi:PBi(M),L;
3′.TTP:appends Bi into B″_finished,and stores SBi(Z,L);}
After the completion of behavior evidence obtaining, A holds e-mail and receives evidence { SBi(Z,L),STTP(B " _ cancelled, Z, L) }, Bi is held There is e-mail to send evidence { SA(Z,L),STTP(B″_cancelled,Z,L)}.
(2) detection is denied
For transferring entity A by telegram and send e-mail M to group B, provides the embedded e-mail of " binding of behavior evidence " component and deny Detection algorithm is described as follows:
It includes two kinds of situations that sender, which denies: A is not transmitted across M to Bi but declares to be transmitted across, and is transmitted across but declares not It is transmitted across.Since the former can not provide binding evidence, only the latter is unfolded to detect herein, is detailed in algorithm 1.
Algorithm 1.DER_sender//sender denies detection
Input: CESBA// sender declares behavior, and 0=not sent M, 1=have sent M
SA(Z,L),STTP(B " _ cancelled, Z, L) // e-mail sends evidence
Z,L,B,B″_cancelled,M,PBi(M),PB(M) // additional information
Output: SR//sender denies testing result, and 0=is denied, and 1=is honest
Similarly, denial detection only was carried out to " Bi reception came from M but declared not receive " herein, is detailed in algorithm 2.
Algorithm 2.DER_receiver//recipient Bi denies detection
Input: CERBBi// recipient declares behavior, and 0=does not receive M, and 1=has received M
SBi(Z,L),STTP(B " _ cancelled, Z, L) // e-mail receives evidence
Z,L,B,B″_cancelled,M,PBi(M),PB(M) // additional information
Output: RR//recipient denies testing result, and 0=is denied, and 1=is honest
(3) assessment is denied
The present invention measures the harmfulness that e-mail is denied using reliability is signed for.The assessment that e-mail entity signs for reliability is divided into two Step is completed, and is described below:
It signs for reliability just to estimate: being provided based on e-mail denial testing result and initially sign for reliability (raw value), i.e. RCRt= f(SRt,RRt), wherein RCRtReliability, SR are initially signed for for t wheeltAnd RRtE-mail is taken turns for t and denies testing result, and f () is to sign for letter Degree just estimates model.
It signs for reliability revaluation: signing for reliability RCR to initialtApproximation process is done, reliability is signed for promotion and signs for behavior Approximation ratio, i.e. CRt=g (RCRt), wherein CRtRevaluation is taken turns for t and signs for reliability, and g () is to sign for reliability revaluation model.
Have much due to may be directly applied to sign for the credibility evaluation model that reliability is just estimated, therefore emphasis provides and signs for letter herein Revaluation model is spent, is described as follows:
CRt=α * RCRt+β*Ht+γ*Dt+δ*Dt*|SDt|,0<α<1,0<β<1,0<γ<1,0<δ<1(1)
The model (initially signs for reliability RCR using 4 class datat, history signs for reliability Ht, sign for reliability stability bandwidth Dt, label Collection of letters degree fluctuation tendency SDt) come to RCRtCarry out revaluation.Component H in formula 1t,Dt,SDtCalculation method such as formula 8, formula 9 and 10 institute of formula Show:
ρ (0 < ρ≤1) and LH is respectively the concern factor and concern number of time slots that history neighbour signs for reliability, formula 4 in formula 2 Middle θ (0 < θ≤1) and LDH be respectively history neighbour sign for reliability stability bandwidth the concern factor and concern number of time slots, and LH and LDH is usually arranged as the oscillation time slot size that e-mail entity strategy denies behavior;α and β requires beta/alpha direct ratio in setting in formula 1 In LH, and γ and δ intend following formula 5 and formula 6 in setting:
It should be noted that the current time calculating due to formula 2, formula 3 and formula 4 can use the intermediate result of previous moment It is iterated calculating, therefore signs for the calculation amount and little of reliability update, time complexity is no more than O (n+11), and n is a pair herein Transfer the number of recipient under more communication topologies by telegram.In view of signing for a part that reliability is the whole network view, therefore it is by SDN controller, It is responsible for possessing and is safeguarded by " Mail Gateway ".
(4) it denies prediction and strategy is inhibited to be formed
Denying in the present invention inhibits the formation of strategy to use based on the comparative approach for signing for reliability threshold values, signs for letter herein Bottom valve value refers in particular to e-mail entity the patient other side's entity of institute is minimum in e-mail behavior implementation process sign for reliability.
Concrete thought is as follows: signing for reliability in e-mail transmitting-receiving side and signs for reliability threshold values CRT not less than total systemt(global) Under the premise of, if e-mail sender A's signs for reliability TVt(A) reliability threshold values CRT is signed for lower than e-mail recipient Bit(Bi), Then forbid sending, it is on the contrary then allow to send;If e-mail recipient Bi's signs for reliability TVt(Bi) lower than the label of e-mail sender A Collection of letters bottom valve value CRTt(A), then forbid receiving, it is on the contrary then allow to receive.Its reasonability can sign for action space in e-mail entity It inside makes an explanation: by taking the first situation as an example, due to TVt(A) it is less than CRTt(Bi), i.e. A is previously to sign for the synthesis in behavior sincere The tolerance lowest limit that letter performance can bear lower than Bi, then A can be estimated with high probability in the following Minimum-time significantly A possibility that behavior expression is signed in improvement can be extremely low, and A can be forbidden to send to Bi thus and transferred by telegram;Other situations are similar.
Algorithm 3 gives denial and inhibits tactful formation algorithm, wherein A and B={ B1,B2,…,B|B|It is respectively that e-mail is sent Side and e-mail recipient, TVt(x) and CRTt(x) being respectively e-mail entity x reliability and signs for reliability threshold values in signing for of take turns of t.
Algorithm 3.ISF//inhibition strategy formation algorithm
Input: TVt(A),CRTt(A),{TVt(Bi)},{CRTt(Bi)},CRTt(global)
Output: ris//denial inhibits strategy, element (00)bitTo allow to interact, (01)bitForbid receiving to allow to send,
(10)bitAllow to receive to forbid sending, (11)bitTo forbid interacting
Embodiment 1:
A true e-mail is established in the present embodiment and denies source inhibition system, and building for the system has used open source work Have OpenFlow, and denies source suppressing method using e-mail of the invention and carry out denial inhibition.
The building of system is inhibited to be related to 5 PC as shown in Fig. 2, source is denied in the e-mail in the present embodiment, in which: PC0 (operation open source POX, system platform Ubuntu12.04) is used as SDN controller, operation e-mail deny inhibit logic with formed to Rely and inhibit strategy, and Policy Result is distributed into OpenFlow interchanger by OpenFlow agreement.PC1 and PC2 (operation open source OpenFlow, system platform Ubuntu12.04) it is used as OpenFlow interchanger, the denial provided according to SDN controller inhibits Strategy forms e-mail content delivery flow table to regulate and control e-mail data interaction.(operation customization software NRMail, system platform are PC3 Win7 it) is used as email client, on the one hand the SMTP and POP3 client functionality of traditional e-mail system is provided;On the other hand it carries out E-mail behavior extraction and evidence binding are to simplify to realize herein, and TTP function needed for evidence binding is by TTP process generation for customizing For realization, evidence signature and authentication function by the sign process that customizes on behalf of realizing);PC4 (operation Winmail Mail Server V5.1.2, system platform Win7) it is used as mail server, SMTP and the POP3 service of traditional e-mail system are provided. PC0, PC1 and PC2 in Fig. 3 in 192.168.100.0 network collectively form SDN control channel, in 192.168.111.0 network PC3, PC1 and 192.168.122.0 network in PC2, PC4 collectively form SDN data channel.
Specific experiment parameter is provided that
A, transferring entity sum in system by telegram is 1025 (wherein malicious entities account for 20%);Entity behavioural norm is as follows: honest Entity always declare e-mail behavior, (do not slander without collusion (will not drive up mutually and sign for reliability), always without calumny always by honesty It ruins other people and signs for reliability);Malicious entities can non-honesty declare that (it would generally declare and disallow a plan in honesty for e-mail behavior Slightly fluctuation to play one's own game), denial can be conspired each other, honest entity can be calumniated.
B, it transfers entity in system by telegram and signs for behavior injection model such as Fig. 3, while the behavior expression value that e-mail is denied is set and is 0.1, the behavior expression value of non-denial is 1;Strategy fluctuation time slot is 10 timeslices, i.e. period of waves is 20 timeslices.
C, signing for marking denial assessment evidence sample value when reliability is just estimated is 0.1, the non-denial sample value of label is 1, reliability Weighting simple summation classic algorithm is selected when total.
D, setting signs for reliability revaluation parameter and is respectively as follows: α=0.2, β=0.8, γ1=0.05 | γ2=0.2, δ1=0.05 |δ2=0.2, ρ=0.75 | 1, LH=10, θ=0.75 | 1, LDH=10.
E, CRT is sett(global)=0.4, setting threshold coefficient is 0.8, i.e. CRTt(x)=TVt(x)*0.8。
E-mail denies source and inhibits system operation data 1 --- and it signs for reliability and approaches test:
It signs for reliability and more approaches the behavior of signing for, deny and strategy is inhibited more to have specific aim.However, reliability class assesses institute Intrinsic time lag can but increase the deviation for signing for reliability.Reliability Approximation is signed for for the mentioned method of the examination present invention, with In Fig. 3 behavior model be input, Fig. 4 give whether there is or not collusion situation under when without calumniate, have calumny, θ=1 ρ=1&, ρ=1& θ= 0.75, θ=1 ρ=0.75& and 12 kinds when ρ=0.75& θ=0.75 sign for reliability assessment situation.It can be seen that (1) calumniates meeting It reduces (honest entity) and signs for reliability Approximation;(2) although collusion can be lifted (malicious entities) and sign for reliability, suitably reduction ρ (ρ=0.75<1) and lifting θ (θ=1>0.75), which can improve, signs for reliability Approximation.
It is examination collusion to the influence amplitude for signing for reliability Approximation, Fig. 5 is directed to ρ=1& θ=1, ρ=1& θ=0.75, ρ θ=1=0.75& and this 4 groups of conditions of θ=0.75 ρ=0.75&, than right 8 kinds when there is collusion to occur and occur without collusion (malicious entities) sign for reliability assessment situation.There it can be seen that for compared with no collusion, when the behavior of signing for is switched to deny by honesty When, collusion, which can increase, signs for reliability deviation property;Conversely, collusion can be promoted and sign for letter when the behavior of signing for switchs to honesty by denying Spend Approximation.It means that malice e-mail entity is itself preferably hidden denial behavior, when attempting to deny e-mail behavior It can select to conspire, conversely, no collusion can be selected when attempting honesty and declaring e-mail behavior.
E-mail denies source and inhibits system operation data 2 --- the detection of source inhibitory effect:
Transferred by telegram for detection and deny source inhibitory effect, for without collusion without calumny, have without collusion calumny, have collusion without slandering Slander has collusion to have 4 kinds of scenes of calumny, Fig. 6 (a), figure) 6 (b), Fig. 6 (c) and Fig. 6 (d) successively give setting ρ=1& θ= Transfer the electricity curbed when interaction total amount gradually rises to 10000 by source when 0.75 (signing for the worst situation of reliability degree of approximation) by telegram Sending by mail is delivered bad, e-mail and receives denial, transfers by telegram to receive and dispatch and deny, and the interactive accounting number without denial this 4 class denial situation of e-mail According to.As shown in table 1, as e-mail interaction times being increasing, the e-mail curbed by source send deny average accounting from Initial 0.2438 drops to 0.0197, and e-mail receives the average accounting of denial and drops to 0.0199 from initial 0.2152, e-mail Transmitting-receiving denies average accounting and drops to 0 from initial 0.0139, and at the same time, e-mail interaction success is averaged accounting from initial 0.6204 rises to 0.9574.This shows that e-mail proposed by the present invention denies source suppressing method and e-mail entity can be promoted to hold The sincere e-mail interaction without denial of row.
The analysis of source inhibitory effect is denied in the e-mail of table 1
E-mail denies source and inhibits system operation data 3 --- the assessment of source rejection ability:
3 kinds of assessment proposed adoption common assessment classifier modules of source rejection ability: recall ratio are denied to e-mail (Recall), precision ratio (Precision) and harmonic-mean (F-measure).Specifically, if TP is correctly to be known in advance The sample number denied Wei not transferred by telegram, FN is that sample number, the FP for being mistaken for transferring no denial by telegram in advance are to be mistaken for transferring by telegram in advance The sample number of denial is then transferred by telegram and denies recall ratio R=TP/ (TP+FN), precision ratio P=TP/ (TP+FP) is denied in e-mail, is reconciled and is put down Mean value F=2*P*R/ (P+R).
For having calumny without calumny, without collusion without collusion, having collusion without calumniating, having collusion to have 4 kinds of scenes of calumny, Fig. 7 is given Transferred by telegram when having gone out ρ=1& θ=0.75 interaction total amount from 1 rise to 10000 when e-mail deny recall ratio, precision ratio is denied in e-mail And harmonic-mean.Although from table 2 it can be seen that having calumny without calumny, without collusion without collusion, having collusion total without calumniating and having It is only 0.3730 that scheme, which has the e-mail in the case of this 4 kinds of calumny to deny recall ratio mean value, but precision ratio is up to 0.9992, and also 0.5264 preferable harmonic-mean is obtained, this shows that the present invention has certain e-mail and denies source rejection ability.
The analysis of source rejection ability is denied in the e-mail of table 2
E-mail deny source inhibit system operation data 4 --- with sign for e-mail compared with
In view of existing e-mail technology of signing for can only provide e-mail denial subsequent inhibition function, the present invention intends emphasis and compares label Receive the denial source inhibitory effect of method in the subsequent inhibitory effect of denial and the present invention of e-mail technology.Ensure that the two compares Justice, to be compared signs for e-mail system on construction platform and supporting protocol still using based on network deployment diagram institute shown in Fig. 2 The experiment porch and behavior evidence binding mechanism above-mentioned built.Specific configuration are as follows: cutting PC0 modifies flow table on PC1 and PC2 With message between two-way permission PC3 and PC4, using transferred by telegram on NRMail on PC3 and PC4 server construction it is to be compared sign for transferring by telegram System.
For without collusion without calumny, have without collusion calumny, have collusion without calumniating, there is collusion to have 4 kinds of scenes of calumny, Fig. 8 (a), it transfers interaction total amount when Fig. 8 (b), Fig. 8 (c) and Fig. 8 (d) successively give ρ=1& θ=0.75 by telegram and rises to 10000 from 1 When, the present invention is denied with the e-mail for signing for e-mail inhibits comparative situation.It can be seen that and match in homogeneous system from table 3-1 and table 3-2 It sets down, when e-mail interaction total amount reaches 10000, the e-mail of context of methods denies source and inhibits accounting and sign under 4 kinds of scenes The e-mail of e-mail is denied subsequent inhibition accounting and is more approached, and 94.85%, 99.53%, 99.09% and has been respectively reached 99.10%, this shows that the present invention can effectively make up tradition and sign for deficiency of the e-mail technology on denial source inhibits, greatly Improve the sincerity and safety of e-mail system.
Table 3-1 benefit analysis of the present invention
Table 3-2 benefit analysis (Continued) of the present invention

Claims (7)

1. source is denied in a kind of e-mail based on SDN inhibits system, it is characterised in that: including data plane, Forwarding plane and control Plane processed;The data plane is implemented to follow the tradition e-mail interaction of SMTP and POP3 agreement, including SMTP client, SMTP clothes Business end, POP3 client and POP3 server-side;Control plane forms electricity according to the previously e-mail interbehavior from data plane Postal denial inhibition strategy, including behavior evidence obtaining module, denial detection module, denial evaluation module, denial prediction module and inhibition Strategy forms module;Forwarding plane inhibits strategy to form flow table according to the denial from control plane, and based on the flow table to hair The raw current e-mail interaction in data plane is forwarded control, including flow table computing module and forward process module;
The e-mail interaction and POP3 client that the SMTP client is initiated to SMTP server-side are initiated electric to POP3 server-side Postal interaction, forward process module interact data delivery control to both the above e-mail interaction according to current flow table, and by phase It closes data delivery event and is committed to behavior evidence obtaining module, behavior collects evidence module to the progress resisting denying binding of data delivery event, and Result is submitted to denial detection module in the form of transferring evidence by telegram and carries out denial detection, evaluation module assessment is denied and denies detection Assessment result is simultaneously submitted to denial prediction module in the form that malice is denied by the testing result of module, and strategy is inhibited to form module Denial inhibition strategy is formed after receiving the prediction result for denying prediction module and is committed to flow table computing module, flow table computing module Inhibit strategy that e-mail data delivery flow table is adjusted according to denying, and the new flow table after adjusting is supplied to forward process Module is used to control the e-mail interaction of next round;
The flow table computing module inhibits policy calculation to go out e-mail data delivery flow table according to the denial from control plane, and will It submits to forward process module;The forward process module submits the e-mail data from data plane according to flow table Control;
The detection module of denying denies the e-mail entity behavior of signing for according to the e-mail evidence from behavior evidence obtaining module Detection, and will test result and submit to denial evaluation module in the form of transferring denial by telegram;
The evaluation module of denying will be provided with harmfulness to the e-mail denial progress risk assessment from denial detection module Denial behavior with malice deny form submit to denial prediction module;
It is described to deny diffusion situation that prediction module denies malice and evolution trend is predicted, and by prediction result to deny The form of situation submits to inhibition strategy and forms module;
The inhibition strategy formation module formulates denial Restrain measurement from the global sincere angle that most stabilizes of e-mail system, and The form of strategy is inhibited to submit to flow table computing module to deny its result.
2. source is denied in the e-mail according to claim 1 based on SDN inhibits system, it is characterised in that: the SMTP visitor Family end and POP3 client are to follow the e-mail transmission agency of smtp protocol under TCP/IP Generation Internet and follow POP3 respectively The e-mail Receiving Agent of agreement, SMTP client and POP3 client are that the user interface of e-mail system realizes the e-mail of user terminal Editor sends, receives and content-browsing function;The SMTP server-side and POP3 server-side are TCP/IP Generation Internet respectively It is lower that the software and hardware facilities general name of SMTP service and POP3 service is provided, to the e-mail from SMTP client and go to POP3 respectively The e-mail of client carries out transfer.
3. source is denied in the e-mail according to claim 1 based on SDN inhibits system, it is characterised in that: the behavior takes Card module carries out resisting denying binding to the e-mail interbehavior perceived from forward process module using undeniable technology, and Binding result is submitted to denial detection module in the form of transferring evidence by telegram.
4. the inhibition that source inhibits system is denied in a kind of e-mail applied to described in claims 1 to 3 any one based on SDN Method, it is characterised in that: successively the following steps are included:
(1) the e-mail interaction and POP3 that forward process module initiates SMTP client to SMTP server-side according to current flow table The e-mail interaction that client is initiated to POP3 server-side carries out data delivery control to realize the source to potential e-mail denial behavior Head inhibits, and potential e-mail denial behavior, then submit failure, go to step (1) if it exists;Potential e-mail denial behavior if it does not exist, Success is then submitted, is executed step (2);
(2) forward process module will occur in data delivery event thereon and be submitted to control plane in the form of the behavior of transferring by telegram Behavior evidence obtaining module;
(3) after behavior evidence obtaining module receives the data of forward process module, using undeniable technology to from Forwarding plane Resisting denying binding is implemented in e-mail behavior, and binding result is submitted to denial detection module in the form of transferring evidence by telegram;
(4) deny detection module according to from behavior evidence obtaining module e-mail evidence carry out denial detection, and will test result with The form that e-mail is denied submits to denial evaluation module;Deny detection method be by from e-mail evidence in it is counter derive it is true The behavior of signing for that real e-mail behavior and e-mail entity are declared carries out comparison of coherence, if inconsistent, e-mail has occurred and denies;
(5) it denies evaluation module and progress risk assessment is denied to e-mail, and assessment result is submitted in the form that malice is denied Give denial prediction module;Risk assessment is to deny sign for reliability calculating to e-mail, and measure electricity based on reliability is signed for Density of infection is denied in postal;The big e-mail denial of harmfulness is defined as malice to deny;
(6) prediction module is denied to deny the diffusion situation in e-mail connected space to malice using link Predicting Technique and develop Trend is predicted, and prediction result is submitted to inhibition strategy in the form of denying situation and forms module;Denial state herein Gesture is by e-mail entity and to sign for the two-dimensional vector matrix that reliability constitutes;
(7) inhibit strategy to form module and formulate denial from the global sincere angle that most stabilizes of e-mail system according to denial situation Restrain measurement, and inhibit the form of strategy to submit to flow table computing module to deny scenario outcomes;
(8) flow table computing module transfers data delivery flow table by telegram according to inhibition strategy adjustment is denied, and is provided in the form of new flow table It is used to control the e-mail data interaction of next round to forward process module, when next round transfers interaction generation by telegram, goes to step (1).
5. the suppressing method that source inhibits system is denied in the e-mail according to claim 4 based on SDN, it is characterised in that: E-mail evidence in the step (3) is the anti-tamper cryptography for being associated with e-mail behavior participant, interaction content and interaction time Evidence.
6. the suppressing method that source inhibits system is denied in the e-mail according to claim 4 based on SDN, it is characterised in that: The behavior of signing in the step (4) is to transfer entity by telegram externally to declare implemented e-mail behavior;It declares or refuses including honesty Recognize absolutely;The e-mail denial refers to that e-mail entity denies the e-mail behavior occurred already for private interests, including e-mail It sends to deny and transfer by telegram to receive and deny.
7. the suppressing method that source inhibits system is denied in the e-mail according to claim 4 based on SDN, it is characterised in that: Reliability of signing in the step (5) is the sincere degree of recognition that the public signs for behavior to e-mail entity in e-mail system;Sign for letter Degree appraisal procedure includes signing for reliability just to estimate and sign for reliability revaluation;Wherein, reliability is signed for just to estimate only in accordance with current denial inspection It surveys result and carries out preliminary iotave evaluation;Signing for reliability revaluation is that comprehensive history evaluation recalculates current iotave evaluation.
CN201610392300.8A 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method Expired - Fee Related CN105827521B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610392300.8A CN105827521B (en) 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610392300.8A CN105827521B (en) 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method

Publications (2)

Publication Number Publication Date
CN105827521A CN105827521A (en) 2016-08-03
CN105827521B true CN105827521B (en) 2019-07-05

Family

ID=56532728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610392300.8A Expired - Fee Related CN105827521B (en) 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method

Country Status (1)

Country Link
CN (1) CN105827521B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102170407A (en) * 2011-04-18 2011-08-31 南京审计学院 Method for realizing electronic mail credibility management on the basis of anti-fraud control logic unit
CN105450502A (en) * 2014-09-19 2016-03-30 陈耿 Software-defined network oriented email denial suppression system and suppression method thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102170407A (en) * 2011-04-18 2011-08-31 南京审计学院 Method for realizing electronic mail credibility management on the basis of anti-fraud control logic unit
CN105450502A (en) * 2014-09-19 2016-03-30 陈耿 Software-defined network oriented email denial suppression system and suppression method thereof

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
电子邮件UA与MTA间抗抵赖协议的研究与实现;夏春和等;《计算机研究与发展》;20070228;全文
电子邮件抗抵赖的研究与实现;彭红艳;《中国优秀硕士学位论文全文数据库信息科技辑》;20040315;全文

Also Published As

Publication number Publication date
CN105827521A (en) 2016-08-03

Similar Documents

Publication Publication Date Title
US20220182415A1 (en) Enforcing security parameters specified by an owner on a blockchain platform
US11563557B2 (en) Document transfer processing for blockchains
Mislove et al. Ostra: Leveraging Trust to Thwart Unwanted Communication.
Chase et al. Transparency overlays and applications
CN109361753A (en) A kind of Internet of things system framework and encryption method
CN110519300A (en) Client key method for secure storing based on password bidirectional authentication
CN107947928A (en) Intelligence community management method and system based on Internet of Things
CN107231363A (en) A kind of distributed authentication method and authentication model
CN106209835A (en) Peer-to-peer network communication system and method
CN105827521B (en) E-mail based on SDN denies source and inhibits system and its suppressing method
Hale et al. On end-to-end encryption
US20070250922A1 (en) Integration of social network information and network firewalls
Aggarwal et al. Bootstrapping public blockchains without a trusted setup
Panduro-Ramirez et al. Blockchain Approach for Implementing Access Control in IOT
Dutertre et al. Intrusion-tolerant group management in enclaves
Sornkhom et al. Security analysis of micali's fair contract signing protocol by using coloured petri nets
CN105450502B (en) The Email that software-oriented defines network denies suppression system and its suppressing method
CN103577975A (en) Remote office system based on mobile communication network and control method of the remote office system
Al-Ahmad et al. An extended security framework for e-government
CN113159574A (en) Block chain-based power distribution network emergency maintenance evaluation system and method
Javed et al. Br2br: A vector-based trust framework for webrtc calling services
TWI678663B (en) Instant messaging method between enterprise exclusive closed instant messaging system and external staffs of suppliers/buyers
CN109816531A (en) Intelligent contract method of commerce based on double chain framework
JP2004102352A (en) E-mail system and e-mail transmitting/receiving method
CN113315788B (en) Lightweight protection method and system for sensitive data of video conference mobile terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20190604

Address after: 211899 No. 86 Yushan Road, Jiangpu Street, Pukou District, Nanjing City, Jiangsu Province

Applicant after: NANJING AUDIT University

Address before: 210017 607, room 3, Lake heart garden, 207 Shui Xi Men street, Jianye District, Nanjing, Jiangsu.

Applicant before: Han Zhigeng

GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190705