当前位置：文档库 › Types for Security in a Mobile World

Types for Security in a Mobile World

Types for Security in a Mobile World?

Adriana https://www.wendangku.net/doc/ac10772639.html,pagnoni1and Elsa L.Gunter2

1Department of Computer Science,Stevens Institute of Technology

Castle Point on Hudson,Hoboken,NJ07030USA

abc@https://www.wendangku.net/doc/ac10772639.html,

2Department of Computer Science,University of Illinois,Urbana-Champaign 201N Goodwin Ave.,Urbana,IL61801-2302USA

egunter@https://www.wendangku.net/doc/ac10772639.html,

Abstract.Our society is increasingly moving towards richer forms of

information exchange where mobility of processes and devices plays a

prominent role.This tendency has prompted the academic community

to study the security problems arising from such mobile environments,

and in particular,the security policies regulating who can access the

information in question.

In this paper we propose a mechanisms for specifying access privileges

based on a combination of the identity of the user seeking access,its cre-

dentials,and the location from which he seeks it,within a recon?gurable

nested structure.

We de?ne BACI R,a boxed ambient calculus extended with a Distributed

Role-Based Access Control mechanism where each ambient controls its

own access policy.A process in BACI R is associated with an owner and

a set of activated roles that grant permissions for mobility and communi-

cation.The calculus includes primitives to activate and deactivate roles.

The behavior of these primitives is determined by the process’s owner,its

current location and its currently activated roles.We consider two forms

of security violations that our type system prevents:1)attempting to

move into an ambient without having the authorizing roles granting en-

try activated and2)trying to use a communication port without having

the roles required for access activated.We accomplish1)and2)by giving

a static type system,an untyped transition semantics,and a typed tran-

sition semantics.We then show that a well-typed program never violates

the dynamic security checks.

1Introduction

The exchange of information by electronic means in a mobile environment has become part of everyday life,with cellphones,PDA’s,and laptop computers ac-cessing remote information and transmitting signals and data.An increasingly mobile workforce needs to be able to access corporate information while at work,

from home,and on the road.This tendency has prompted the academic com-munity to study the security problems arising from this constantly escalating mobility.

The concept of Trust Management has been actively studied in the network security community since it was?rst introduced by Blaze,Feigenbaum,and Lacy in the paper Decentralized Trust Management[6].According to their formula-tion,trust management addresses the question:is this request,supported by these credentials,in compliance with this user’s policy?In[6],they identify three com-ponents of trust management:security policies,security credentials,and trust relationships.Security policies are local policies that an application trusts un-conditionally,security credentials are assertions about objects by trusted third parties,and trust relationships are special cases of security policies.

One way to address Trust Management is by considering Role-Based Access Control(RBAC)[18,36,19],where a role is de?ned by a set of privileges.RBAC is a methodology for de?ning security policies and for giving privileges to users. However,it is not concerned with the authentication of users.Whether the user claiming to be Bob is indeed Bob is beyond the scope of Trust Management,and of this work.In an RBAC framework there are two special relations between roles,privileges,and users:one assigns privileges to roles,and the other one assigns users to roles.These two relations form part of the security policy.

Mobility adds a new dimension to RBAC,since the services available to a given user also depend on the location of the user,agreements between parties, and the technology underlying the connection.For example,without roaming agreements in place,a cell-phone may be rendered useless beyond the scope of its provider’s network.Furthermore,whether a user’s connection is wireless, wired,secure,or insecure also conditions the available services.For example, an administrator on an insecure wireless connection may be denied access to sensitive information.

In a distributed environment the policies regulating access control may be distributed among several parties,and each principal may only have partial knowledge of the overall security policy[29,30,27].

In a mobile environment,di?erent domains will have di?erent access policies and when users(and potentially programs)migrate from domain to domain they will be ruled by a combination of the access policies of their enclosing domain and remote server domains.

In this work we study RBAC based Trust Management.As we described earlier,RBAC is a method of regulating access of users to information and resources based on the activity they need to perform.Access is fundamentally controlled by roles.On one side,each user of a system is associated with a set of roles.On the other side,each role is associated with a set of permissions (access privileges to existing resources).Some roles may be mutually exclusive, and others may be deactivated leaving the user with only a subset of the full set of roles with which she is associated.Therefore,in simple RBAC,a user is granted an access privilege to a resource if one of her activated roles has that privilege.This factorization of access control simpli?es the administration of the

security policy by allowing the systems administrator to separately decide which resources a given role needs in order to successfully operate,and what roles to assign to each user.It also allows for the choice of authentication method to be handled separately.How to enrich RBAC by adding orderings and other forms of structure on the roles and the privileges is an active area of research.They all share in common the separation of concerns given by the introduction of roles.

Role-based access control is currently a popular mechanism for governing the access to databases,?les,executable programs and other computational re-sources.In networking there is another kind of access control that is done by packet?ltering.A given router may be con?gured to drop all SMTP or HTTP packets denying access to certain services of a domain from outside that domain. Here,there is no notion of user and role,but only IP domain and packet type. However,it can be bene?cial to have a?ner-grain access control that is aware of roles and network domains.Consider the following example.

The University of Wizbrau is equipped with intelligent buildings,and students carry their laptops with them to class.While in the classroom, students have only limited Internet access and they are not allowed to use e-mail,instant messenger,or visit general websites.However,these activities are allowed when done from the student lounge instead.Since the instructor of the course needs a greater access to resources than the students,those activities temporarily disabled to the students are available to the instructor.For example,during a lecture,the instructor may consult her e-mail to address a question raised by a student in an e-mail message.

The restrictions placed on users in this environment need to be sensitive to both the location of the user(classroom versus lounge)as well as the role(student versus instructor).Such?ne-grained control is not readily handled by either packet?ltering or RBAC.

In this paper we design a formal language featuring formal notions for re-source,access,computation,communication,location and mobility.The starting point of our design is a mobile ambient calculus in the style of[14],where prin-cipals and locations are modeled by ambients.

1.1Background on Ambient Calculi

In Cardelli and Gordon’s Mobile Ambients(MA)[15],ambients represent nested computational environments containing data and live computation.In a nut-shell,ambients are administrative units forming a dynamic hierarchy,where an ambient can move up and down the hierarchy by moving into a child or a parent ambient.Furthermore,a mobile ambient is a communicating entity that can ex-change information with parents and children.Ambients are capable of moving under the in?uence of the process they enclose and can dissolve their perimeter with an open operation.Mobile Ambients provide a direct characterization of computational processes as well as computational devices.

Boxed Ambients(BA)[10]evolved from MA,by removing the ability of an ambient to dissolve its boundary.In BA,an ambient is a“box”that cannot be opened.This notion of closed ambient provides a complete encapsulation of the agents they contain.To enable the communication lost by disabling the open operation,ambients are equipped with communication channels to exchange information with adjacent ambients(parent and children ambients).

Both in MA and BA,ambient mobility is commanded by processes inside the ambient.The commands for mobility are called capabilities.The capabilities tell an ambient to open or move inside or outside another ambient.Unrestricted mobility,however,can lead to undesired interferences between two concurrent processes.In order to address this concern,control over capabilities was?rst introduced in Safe Ambients[25]and later used in New Boxed Ambients(NBA) [11]in the form of co-capabilities.A capability can be exercised only in the pres-ence of a matching co-capability.Hence,in order to enter an ambient using the in capability,that ambient must contain a matching

to allow the owner of the process to do so.Moreover,deactivating roles should not remove the roles authorizing the process to be in its current location.

We consider two forms of security violations that our type system prevents: 1)attempting to move into an ambient without having the authorizing roles granting entry activated and2)trying to use a communication port without having the roles required for access activated.We accomplish1)and2)by giving a static type system in Section3,an untyped transition semantics,and a typed transition semantics in Section4.We then show that a well-typed program never violates the dynamic security checks in Theorem3.

2Syntax of BACI R

Based on our earlier work on BACI[7],we de?ne BACI R,a boxed ambient calculus with a Distributed Role-Based Access Control mechanism,where the location of an ambient conditions its privileges.The intuitive idea is that to accommodate security checking an ambient is associated with its owner and with a set of roles that are currently activated.This set of roles can be changed by activation and deactivation primitives.Whether a role can be activated or deactivated depends on the location of the ambient and its owner.This control is made explicit in the type system where the type of an ambient has a set of roles authorizing the entrance of ambients.Going back to the example,the professor can send mail because she can activate the faculty

mail role,which is not enough to qualify to send mail in the classroom.

In order to de?ne the syntax of BACI R we use the following disjoint cate-gories of identi?ers:

User Names:u,v∈Users

Roles:r∈Roles

Port Names:c,c′∈C

Ambient Names:n,m∈Amb

Capability Variables:i∈CapVar

Message Identi?ers:x∈Amb∪CapVar

We assume a?xed set Users of users,a?xed set Roles of roles,and a?xed function UserPolicy associating each user and set of currently activated roles with a set of roles that may become activated.The syntax of BACI R is presented in Table1.Processes and Messages are the two main syntactic categories.

Messages,ranged over by M and N,include message identi?ers and capabil-ities.Capabilities,ranged over by C,can be either the capabilities for entering and exiting an ambient,variables or a“path”,which is a sequence of capabilities describing a mobility path.A special sort of capability is that of quiet capability, ranged over by Q,used for entry with no accompanying possibility of commu-nication.These are used for mobility alone,and are the primary component of paths.

Quiet Capabilities:

Q::=inQ m quiet enter

|outQ m quiet exit Capabilities:

C::=Q quiet capability |in m enter

|out m exit

|Q.C path

|i capability variable Locations:

η::=↑c parent portγ

|↓c child portγ

|?local

Actions:

π::=C(c)capability

|S quiet co-capability |K(c)co-capability

|activate r activate a role

|deactivate r deactivate a role

|(x1,...,x k)ηinput

| M1,...,M k ηoutput Quiet Co-Capabilities:

outQ allow quiet exit Co-Capabilities:

out(c)allow exit Messages:

M,N::=x message identi?er |C capability

Basic types

τ::=amb(ρin,σ)ambient type

|cap(ρin,σ)capability Communication types

σ::=shh no exchange

|(ρr,ρw,τ)exchange tuple Processes:

P::=0nil process

|P1|P2composition

|ν(n:τ)P restriction

|!P replication

|π.P pre?xing

|m u[P]@ρambient

to within another,there is a co-action enabling the ambient to enter:

out m(c),outQ m.

In addition to moving and communicating,there are two actions related to security:activate r for activating a user role r,and deactivate r for deactivating it.These control what privileges are available to the ambient at any given point during execution by modifying the set of activated rolesρ.

!P≡P|!P(Struct RepPar)

ν(n:τ)ν(m:τ′)P≡ν(m:τ′)ν(n:τ)P(Struct Res Res)

ν(n:τ)(P|P2)≡P|ν(n:τ)P2,if n/∈fn(P)(Struct Res Par)

ν(n:τ)m u[P]@ρ≡m u[ν(n:τ)P]@ρ,if n=m(Struct Res Amb)

inQ n.P≡inQ n(c).P≡in n(c).P,if c/∈fv(P)(Struct InQ)

outQ n.P≡outQ n(c).P≡out n(c).P,if c/∈fv(P)(Struct OutQ)

inQ(c).P,if c/∈fv(P)(Struct Co-InQ)

outQ(c).P,if c/∈fv(P)(Struct Co-OutQ) (Q.C).P≡Q(c).(C.P),where c∈fv(P)(Struct Prefix)

su?cient for it to compute without security violations.In particular,the type of an ambient name is the set of roles needed for mobility and communication.

The syntax of types can be found in Table1.Basic types describe the kind of data to be communicated over a port.The communication type further in-cludes the sets of rolesρr andρw granting read and write access to a port.In Tables3to8,letΓbe a mapping from message identi?ers to basic types and from port names to communication types.The typing judgment for a process is of the formΓ,ρhere,ρdeac m,u?P:ρact,whereΓis a typing environment for free message identi?ers and port names,ρhere is the set of roles su?cient for authorizing the process to be in its current location(the entrance policy for am-bient containing m),ρdeact are the set of roles that the process may at any time in its computation safely deactivate,m is the assumed surrounding ambient,u is the current user,andρact is the set of“currently active”roles.The judgments for the other syntactic categories are similar.

Quiet Enter:

Γ(m)=amb(ρin,σ)

Γ?outQ m:ρin

Γ?Q:(ρin,shh)Enter:

Γ(m)=amb(ρin,σ)

Γ?out m:(ρin,σ)

Path:

Γ?Q:ρinΓ,m?C:(ρin,σ)

Γ?i:(ρin,σ)

i.e.,the entrance policyρin and the communication policyσ.It is worth noting that for a capability that is a path,i.e.,a sequence of capabilities,the entrance security policy is required to be the same for all members in the path.See rule Path.

Parent Port:

Γ(c)=σ

Γ,m?↓c:σLocal:

Γ(m)=amb(ρin,(ρr,ρw,τ))

Table5.Typing of Locations

The type of a location(Table5)is the read-write security policies for access-ing the associated communication port,together with the security policy for the messages communicated through the port.For local communication,we use the ambient assumed as the surrounding ambient,and we want no restrictions on reading or writing.However,it is important that we maintain the restrictions on the types of data transmitted.We could violate the security policy if we omitted the type checks on messages locally communicated,because we potentially could send a capability with one security policy but receive it with a di?erent one.

Message Identifier:

Γ(x)=τ

Γ?C:cap(ρin,σ)

Capabilities:

Γ?C:(ρin,σ)

(ρact?ρdeact)∩ρin=?

Γ,ρhere,ρdeact,ρact,m,u?K(c):(Γ+{c:σ},ρhere,ρact)

Quiet Co-Capabilities:

Γ,ρhere,ρdeact,ρact,m,u?activate r :(Γ,ρhere,ρact∪{r})

Deactivation:

r∈ρdeact(ρ?{r}?ρdeact)∩ρhere=?

Γ,ρhere,ρdeact,ρact,m,u?(x1,...,x k)η:(Γ+Σk i=1{x i:τ},ρhere,ρact) Output:

Γ,m?η:(ρr,ρw,τ)

Γ?M i:τi=1,...,k

(ρact?ρdeact)∩ρw=?

Table7.Well-typed Actions

Nil:

Γ,ρhere,ρdeact,m,u?P1|P2:ρact

Restriction:

Γ+{m′:τ},ρhere,ρdeact,m,u?P:ρact

Γ,ρhere,ρdeact,m,u?!P:ρact

Prefixing:

Γ,ρhere,ρdeact,ρact,m,u?π:(Γ′,ρ′here,ρ′act)Γ′,ρ′here,ρdeact,m,u?P:ρ′act

Γ,ρhere,ρdeact,m′,u?m v[P]@ρm:ρact

The nil process(0)types with any set of roles.The parallel composition of two processes types with a set of roles if both processes individually do.A process beginning with a restricted ambient name types with a given set of processes if the underlying process types with the same set of roles but using an extended environment with a binding for the restricted ambient name.The replication of a process types with a set of roles if the process to be replicated does.The most interesting cases are those of pre?xes and ambients.For pre?xes(Prefixing in Table8),we must type the action at the head to derive a new typing environ-ment,new authorizing policy,and a new set of active roles,and then use the new environment,authorizing policy,and active role set to check the remaining process.This is because actions have the ability to expand the needed typing environment or alter the authorizing policy or the set of activated roles.If r is inρand the process begins by deactivating it,then the remainder of the process must be able to typecheck with a reduced set of activated roles.The typing for an ambient(Ambient in Table8)throws away the surrounding ambient infor-mation and checks the ambient in isolation.Since an ambient may travel into other ambients with unknown active roles,an ambient must be secure relative to the context it carries with itself.

4Operational Semantics

Our goal in de?ning the static type system given in Section3is to enable us to prove that if a process type checks with a given set of roles,then it will never attempt an action that it is not authorized to perform when executed in a state where all the roles in the set have previously been activated.To this end, we de?ne two transition semantics for our language,one with dynamic security checks and one without.For the untyped semantics,we have a form of subject reduction.We also have that,if a process type checks,then it reduces to another process in the untyped transition system if and only if it reduces to that process in the typed transition system.

4.1Untyped Transition Semantics

The untyped transition semantics is given in Tables9and10.It is worth noting that almost all the reduction rules explicitly mention a context containing an ambient,except for the rule for Local communication.

The rules for ambient movement are the most complicated.For an ambient to move inside another,the?rst ambient must contain a process requesting entrance to the second,and the second ambient must have a process allowing the entrance.If these two conditions are met,then the request and permission are consumed and the resulting?rst ambient enters that resulting second ambient. All the rules for entrance are the same,except for the way the communication ports are handled.In general(enter,Table9),when one ambient enters another a fresh port is created for the two ambients to share for communication.In the case(enter’,Table9)that a regular entrance request is permitted by only a

enter:m v[in n(c).P1|P2]@ρm|n u[

inQ.P3|P4]@ρn?

n u[m v[P1{c:=c′}|P2]@ρm|P3|P4]@ρn

for fresh variable c′

quiet enter:m v[inQ n(c).P1|P2]@ρm|n u[

in(c′)P3|.P4]@ρn?

n u[m v[P1{c:=c′′}|P2]@ρm|P3{c′:=c′′′}|P4]@ρn

for fresh distinct variables c′′and c′′′

exit:p w[n v[m u[out p(c).P1|P2]@ρm|P3]@ρn|

outQ.P4|P5]@ρp?p w[n v[P3]@ρn|m u[P1{c:=c′}]@ρm|P4|P5]@ρp

for fresh variable c′

quiet exit:p w[n v[m u[outQ p(c).P1|P2]@ρm|P3]@ρn|

out.(c′)P4|P5]@ρp?p w[n v[P3]@ρn|m u[P1{c:=c′′}]@ρm|P4{c′:=c′′′}|P5]@ρp

for fresh distinct variables c′′and c′′′

quiet permission(

in)(quiet enter’,Table9),then strictly speaking they both create half of a port,but we prevent any communication by giving them two di?erent fresh ports,neither of which will ever be usable.

An exit action is more complicated than an enter.We have three ambients nested in each other,m in n in p.The ambient m request to exit to p.The ambient p grants the request.The exit takes place so that now m and n are in parallel inside p.As m exits n,e?ectively entering p,there is the potential for establishing a communication port between m and p.In order to determine whether such a communication port really should be established,we consider the same cases as those for entrance and we handle them identically. activate:m u[(activate r P)|R]@ρ?m u[P|R]@(ρ∪{r})

deactivate:m u[(deactivate r P)|R]@ρ?m u[P|R]@(ρ?{r})

local: M1,...,M k ?.P|(x1,...,x k)?.R?P|R{x i:=M i|i=1...k}

to child(↓):m u[ M1,...,M k ↓c.P1|n v[(x1,...,x k)↑c.P2|R1]@ρn|R2]@ρm?m u[P1|n v[P2{x i:=M i|i=1...k}|R1]@ρn|R2]@ρm

to parent(↑):n v[m u[ M1,...,M k ↓c.P1|R1]@ρm|(x1,...,x k)↓c.P2|R1]@ρn ?

n v[m u[P1|R1]@ρm|P2{x i:=M i|i=1...k}|R2]@ρn recursion:!P?P|!P

P?R

context:

Table10.Simple Transition System–Remaining Rules

The rules for activation and deactivation cause the addition or deletion of the given role from the role set of the surrounding ambient.A message can be sent in one of three ways:locally,to a child,or to a https://www.wendangku.net/doc/ac10772639.html,munication is implemented by substitution of the values sent by one process for the variables used to receive the values in another.It is worth noting that local communication is expressly not between ambients,but between ordinary processes.Recursion causes a copy of the body of the recursive process to be created and composed

with the recursive process.In addition to the above rules for top-level reduction, there is a rule allowing us to descend through compositions,restrictions,and ambients to?nd a process capable of reducing.In particular,it is worth noting that an ambient within another ambient may keep computing,even while the outer ambient is blocked.

Theorem1.(Subject Reduction)Let P1,P2,and P3be processes,m and n be ambient names,u and v be users,ρhere,ρdeact,ρact andρ′act,be sets of roles, and letΓbe a mapping from message identi?ers to basic types and port names to communication types.IfΓ,ρhere,ρdeact,m,u?P1:ρact and P1?P2,then Γ,ρhere,ρdeact,m,u?P2:ρact.Moreover,if m u[P1]@ρact?n v[P3]@ρ′act, thenΓ,ρhere,ρdeact,n,v?P3:ρ′act,and m=n and u=v.

4.2Typed Transition Semantics

In this subsection we introduce a transition semantics with runtime type checks (e.g.security checks).The rules of the semantics are found in Tables11–15. In those tables,Γis a mapping from message identi?ers to basic types and port names to communication types(i.e,a typing environment),ρhere is a set of roles, andτis a basic type.As usual,the typing environment supplies us with the types for free ambient names and ports occurring in our process.The set of roles tells which roles are su?cient to authorize the process’s current location.The basic type is the type of a message that can be locally communicated at top level.We do not need read and write policies,because there are no security checks on local communication.The typed reduction relation transforms a typing environment, a set of roles,a basic type and a process into a new typing environment,role set, basic type and process.If we ignore the typing environment,role set and basic type,including the premises concerning them,then we get the untyped system in the previous section.The typing environment,role set and basic type are the extra information we need to carry around with us to do dynamic security checks.

activate:

r∈UserPolicy(u,ρ)

(Γ,ρhere,τ)?m u[(deactivate r P)|R]@ρ?→(Γ,ρhere,τ)?m u[P|R]@(ρ?{r})

Since the reductions on the processes are the same as in the untyped transi-tion semantics,we will focus on the security checks and the transformations to the typing environment and basic type.Activation and deactivation are relative to an enclosing ambient and serve to change that ambient’s set of active roles. For activation,we must check that the user of the ambient together with the currently active roles are allowed to activate the role.For deactivation,we need to check that deactivating the role will still leave some other role that is su?cient to authorize the ambient’s current location.

enter:

Γ(n)=amb(ρin,τ)ρm∩ρin=?c′′∈dom(Γ).

in(c′).P3|P4]@ρn

?→

(Γ+(c′′:τ),ρhere,τ)?n u[m v[P1{c:=c′′}|P2]@ρm|P3{c′:=c′′}|P4]@ρn enter’:

Γ(n)=amb(ρin,τ)ρm∩ρin=?c′∈dom(Γ).

inQ.P3|P4]@ρn

?→

(Γ+(c′:shh),ρhere,τ)?n u[m v[P1{c:=c′}|P2]@ρm|P3|P4]@ρn

quiet enter:

Γ(n)=amb(ρin,τ)ρm∩ρin=?c′∈dom(Γ)

inQ.P3|P4]@ρn

?→

(Γ+(c′:shh),ρhere,τ)?n u[m v[P1{c:=c′}|P2]@ρm|P3|P4]@ρn

quiet enter’:

Γ(n)=amb(ρin,τ)ρm∩ρin=?c′′,c′′′∈dom(Γ)

in(c′).P3|P4]@ρn

?→

(Γ+(c′′:shh)+(c′′′:shh),ρhere,τ)?

n u[m v[P1{c:=c′′}|P2]@ρm|P3{c′:=c′′′}|P4]@ρn

quiet exit’(Table13)is redundant.The assignment of shh to the type of the port is su?cient to assure that no communication takes place.We left the creation of distinct ports as a part of these rules to keep the connection with the untyped rules transparent.In general,the side conditions for the rules for exit are dual to those for enter.

exit:

Γ(p)=amb(ρin,τ)ρm∩ρin=?c′′∈dom(Γ)

out.(c′)P4|P5]@ρp

?→

(Γ+(c′′:τ),ρhere,τ)?p w[n v[P3]@ρn|m u[P1{c:=c′′}]@ρm|P4{c′:=c′′}|P5]@ρp exit’:

Γ(p)=amb(ρin,τ)ρm∩ρin=?c′∈dom(Γ)

outQ.P4|P5]@ρp

?→

(Γ+(c′:shh),ρhere,τ)?p w[n v[P3]@ρn|m u[P1{c:=c′}]@ρm|P4|P5]@ρp

quiet exit:

Γ(p)=amb(ρin,τ)ρm∩ρin=?c′∈dom(Γ)

outQ.P4|P5]@ρp

?→

(Γ+(c′:shh),ρhere,τ)?p w[n v[P3]@ρn|m u[P1{c:=c′}]@ρm|P4|P5]@ρp quiet exit’:

Γ(p)=amb(ρin,τ)ρm∩ρin=?c′′,c′′′∈dom(Γ)

out(gv′).P4|P5]@ρp

?→

(Γ+(c′′:shh)+(c′′′:shh),ρhere,τ)?

p w[n v[P3]@ρn|m u[P1{c:=c′′}]@ρm|P4{c′:=c′′′}|P5]@ρp

local:

Γ?M i:τi=1,...,k

(Γ,ρhere,τ)?m u[ M1,...,M k ↓c.P1|n v[(x1,...,x k)↑c.P2|R1]@ρn|R2]@ρm

?→

(Γ,ρhere,τ)?m u[P1|n v[P2{x i:=M i|i=1...k}|R1]@ρn|R2]@ρm

to parent(↑):

Γ(c)=(ρr,ρw,τ′)ρm∩ρw=?ρn∩ρr=?Γ?M i:τ′i=1,...,k

https://www.wendangku.net/doc/ac10772639.html,munication

recursion:

(Γ,ρhere,τ)?P1|R?→(Γ,ρhere,τ)?P2|R

right compostion:

(Γ,ρhere,τ)?P1?→(Γ,ρhere,τ)?P2

(Γ,ρhere,τ)?ν(m:τ)P?→(Γ,ρhere,τ)?ν(m:τ)R

ambients:

Γ(m)=amb(ρin,(ρr,ρw,τ′))

(Γ,ρin,τ′)?P?→(Γ,ρin,τ′)?R

Table15.Structural Rules

checks in and of themselves.The rules for recursion and composition use the same environment to security check the premises as they use in their conclusions. Restriction uses a type environment augmented by the type assignment for the restricted ambient name for reducing the body of the restriction.For descending through ambients,the typing environment is the same in the premise as in the conclusion,but here we need to change the type for the local communication to that of the basic type in the communication policy of the ambient,and we need to change the authorizing roles to the entrance policy of the outer ambient.

The next theorem gives us that the typed transition semantics is a re?nement of the untyped transition semantics.

Theorem2.Let P and R be processes,ΓandΓ′be typing environments,ρhere andρ′here be sets of roles,andτandτ′be basic types.If(Γ,ρhere,τ)?P?→(Γ′,ρ′here,τ′)?R,thenρhere=ρ′here,τ=τ′,Γ?Γ′,and P?R.

Theorem3is the main result of the paper.It says that if a process type checks,then to evaluate it you can omit all runtime checks.A side-e?ect of this is that if a process type checks,there is no runtime signi?cance to activation and deactivation,and they could be removed after type-checking as an optimization. Theorem3.Let P be a process that type checks with role setρusing typ-ing environmentΓ,authorizing role setρhere,ambient m,and user u(e.g.Γ,ρhere,ρdeact,m,u?P:ρact).If P?R for some process R,then(Γ,ρin,τ)?P?→(Γ′,ρin,τ)?R whereΓ(m)=amb(ρin,(ρr,ρw,τ))for someΓ′?Γ.

Using Theorem2we can strengthen the conclusion of Theorem3to say that P?R for some process R if and only if(Γ,ρin,τ)?P?→(Γ′,ρin,τ)?R.

The typed transitional semantics developed in this section was primarily introduced as a vehicle to formalize the bene?t of static type checking.It is worth noting that this semantics is of value in its own right.The static rules are predicated on static access to the information as to which roles are granted access to which resources.With the typed transition semantics,we can still perform security checks even in a situation where the control policy is only known at runtime.

5Related Work

For a variety of calculi for mobile and distributed systems that have emerged in the last years,access control was one of the primary concerns.The proposed access control mechanisms range from simple ones that use of co-actions[26,40,7] allowing or denying all access to a particular location(and the resources it con-tains)to more re?ned ones that use di?erent aproaches:credentials to authorize the access[12],restricted groups[13,16],Mandatory Access Control mechanisms to constraint un-authorized access[9],and even“membranes”that specify secu-rity policies for controlling the access to a particular location[22].

The work most closely related to our study of RBAC for an ambient calculus is[8].The authors de?ne a distributedπ-calculus(D-π)based on[23]with

primitives to activate and deactivate roles.However,there is no notion of an individual privilege being disabled or enabled depending on the current location, and the domain topology is static:domains cannot move.In[24]Hennessy and Riely introduce a type system for a distributed version of theπ-calculus for restricting the access of processes to resources based on the current location of the process.In this work,again the domain topology is static,and there is no direct connection to RBAC.

At the Symposium on Trustworthy Global Computing2005(TGC2005), during his invited address,Matthew Hennessy presented a calculus for RBAC based on D-π.Unlike our system,his calculus has dependent types to avoid dynamic typechecks of the security policy.

The work of RBAC in[29,30]does not deal with the implementation of an RBAC mechanism in a given calculus as is the case in[8].Instead they de?ne a calculus to describe an RBAC security policy and how to answer queries to the security policy.

Various groups have developed methods for guaranteeing that speci?cations of RBAC systems are consistent.In[37],Schaad and Mo?ett discuss the appli-cation of formal methods for the development of speci?cations of a con?ict-free role-based system.In[3]a formal language for the speci?cation of role-based authorization constraints,including prohibition,is introduced.Bertino et al.[5] develop a logical framework for reasoning about access control models in general, including RBAC models.

6Conclusions and Future Work

We de?ned BACI R,a boxed ambients calculus with Distributed Role-Based Access Control,where the privileges associated to processes change during com-putation and are determined by their location,their owners,the roles they have activated,and the security policy.The distributed nature of the RBAC mech-anism comes from the fact that each ambient controls the security policy au-thorizing the entrance of ambients and each port speci?es the security policy controlling the reading and writing privileges.

Our type system prevents two forms of security violations,those consisting of attempting to enter an ambient without proper authorization,and those consist-ing of trying to read or write from ports without the corresponding permissions. These security violations are controlled using roles,that can be dynamically ac-tivated and deactivated.The type system prevents security violating actions by those processes not vested with the required authorizing roles.

Our main contribution is the design of the?rst ambient calculus with a distributed RBAC mechanism where the location of a process conditions its mobility and its ability to communicate with other processes.Our main result in Theorem3shows that a well-typed program never violates the dynamic security checks.

Although the classroom example in the introduction is focused on Internet networking for a sense of location and communication,our Distributed RBAC

英语作文关于共享单车的篇精编

(一) 假定你是红星中学初三学生李华。你的美国朋友Jim在给你的邮件中提到他对中国新近出现的一种共享单车“mobike”很感兴趣，并请你做个简要介绍。请你给Jim回信，内容包括： 1. 这种单车的使用方法(如：APP查看车辆、扫码开锁等); 2. 这种单车的优势; 3. 你对这种单车的看法。注意：1. 词数不少于80; 2. 开头和结尾已给出，不计入总词数。提示词：智能手机smartphone, 二维码the QR code 参考范文 Dear Jim, I’m writing to tell you more about the new form of sharing bike mobike mentioned in your latest letter. It’s very convenient to use if you have a smartphone. What you do is find a nearest mobikethrough the APP, scan the QR code on the bike, and enjoy your trip. Compared to other forms of sharing bike, the greatest advantage of mobike is that you can easily find one and never worry about where to park it. It is becoming a new trend as a means of transportation, which relieves the traffic pressure and does good to the environment as well. Hope to ride a mobike with you in China. Yours, Li Hua (二) 最近很多大城市都投放了共享单车(shared bikes)，比如摩拜单车(Mobike)、Ofo共享单车等。由于它们方便停放，骑车也能起到锻炼身体的作用，作为代步工具很受大家欢迎。但是，各地也出现了很多毁车现象，比如刮掉车上的二维码(QR code)、上私锁等。你对这种现象怎么看?你对共享单车公司有什么建议吗?写一篇符合逻辑的英语短文，80词左右。参考词汇：bike-sharing companies 共享单车公司，Mobike 和Ofo 是两家共享单车公司，convenience 方便，register登记参考范文 The shared bikes like Mobike and Ofo bring great convenience to people. You needn’t lock them by simply using your smart phone. They can take you where the subway and bus don’t go. And they can be left anywhere in public for the next user. However, bad things happen. Some people damage the QR code on the bike, or use their own lock, which causes trouble to other users. In my opinion, it’s difficult to turn these people’s ideas in a short time. Therefore, bike-sharing companies like Mobike and Ofo need to do something. For example, those who damage the bike should pay for their actions. Also, because people use their real name toregister as a user, it’s a good way to connect to one’s personal credit. In the end, what I want to say is to take good care of public services. (三) 共享单车(bicycle sharing)已成为时下最热的话题之一，请你就这一话题写一篇短文。内容须包括三方面：1. 共享单车蓬勃发展，成为社会热潮;2. 共享单车带来便利，但也存在问题;3. 我对解决问题的建议。参考范文 Bicycle Sharing With the development of technology, bicycle sharing comes into people's lives. It becomes more and more popular and much news reported it. At the same time, we should see that there are some problems caused by bicycle sharing. On one side, bicycle sharing makes it very convenient of people traveling. You can find a bicycle anywhere at any time when you want to go out for a cycling, and the price of one trip is very low. It can save time for people. On the other side, its management is not perfect. Even kids can open the lock and ride the bicycle, there is no doubt that such behavior is very dangerous.

移动通信技术期末答案

移动通信技术习题册第一部分：移动通信概念一、单项选择题 1.所谓个人通信，指的就是简称为“5W”的（B ） A、who，when，where，which，what B、whenever，wherever，whoever，whomever，whatever C、whomever，wherever，whichever，whenever，whatever D、however，whenever，whoever，whichever，whomever 2.移动通信存在严重的多径问题，造成信号电平的起伏不定，因此，移动通信系统在设计的时候必须具有（ C ） A、抗噪声能力 B、抗干扰能力 C、抗衰落能力 D、抗多径能力 3.下面不属于第一代移动通信系统的是（ C ） A、AMPS B、TACS C、PDC D、NMT 4.1989年，我国原邮电部引进了第一个模拟移动通信系统（ A ） A、TACS B、GSM C、CDMA D、PHS 5.下面不属于数字蜂窝移动通信系统结构中网络子系统的是（ B ） A、EIR B、OSS C、AUC D、MSC 6.MSC可以分成三类，分别是普通MSC以及（ C ） A、AMSC和BMSC B、EMSC和FMSC C、GMSC和TMSC D、OMSC和PMSC 7.HLR中存储的用户数据主要包括用户信息和（ A ） A、位置信息 B、鉴权信息 C、设备信息 D、通话记录 8.VLR服务于其控制区的移动用户，它是一个（ B ） A、静态用户数据库 B、动态用户数据库 C、混合态用户数据库 D、半动态用户数据库 9.基站子系统中，一个BSC可以控制（ D ）BTS。 A、一个 B、两个 C、四个 D、多个 10.操作维护子系统的工作任务不包括（ C ） A、网络监视 B、性能管理 C、用户鉴权 D、网络操作 11.主叫用户为呼叫移动用户所需要的拨叫是（ C ） A、TMSI B、IMSI C、MSISDN D、LAI 12.移动用户的ISDN码中，我国的国家码是（ A ） A、86 B、83 C、46 D、18 13.语音编码器有三种类型，不包括（ C ） A、混合编码 B、波形编码 C、图像编码 D、参量编码 14.信道编码主要应对由于噪声引起的（ A ） A、随机误码 B、突发误码 C、冗余码元 D、群误码 15.交织用于应对误码中的（B ） A、随机误码 B、突发误码 C、冗余误码 D、打孔误码 16.均衡的意义在于利用均衡器产生（C ），解决传输中的差错。 A、信号波形 B、相干信号 C、信道模型 D、语音编码 17.移动通信的基本业务包括（ D ） A、业务 B、短消息业务 C、传真 D、以上全部二、填空题 1.移动通信按照信号性质进行划分，可以分成模拟制和数字制，其中第

介绍北京的英语作文(2)

介绍北京的英语作文(2) AsBeijinghasbeenconfirmedhomecityofOlympics2008,the spiritofgreenOlympics,scientificOlympicsandhumanizedOlymp icwillsurelybringmoreandmorechangestoBeijing,promotethed evelopmentofsportsandOlympicsinChinaaswellasintheworld,a ndstrengthenthefriendlycommunicationsbetweenChineseandf oreignpeople. 篇六：Beijing BeijingisthecapitalofPeoplesRepublicofChinaandthenation scentreforpolitics,economyandculture.Itenjoysalongandrichhis tory.Therearenumerousheritagesitesandwonderfulexamplesof ancientarchitecture,suchastheworld-famousGreatWall,theTem pleofHeavenandtheForbiddenCity. Besidessightseeingplaces,therearemanydeliciousfoodsuch asPekingducksandBeijingsnacks.Beijingisreallyagoodplacetotr avel. 篇七：Beijing AsthecaptainofChina，Beijinghasbeenthemostpopularcityofchina。SomoreandmorepeoplewanttovisitBeijing.

移动通信课后答案

思考题1答案 1.1简述移动通信的特点。答：移动通信的主要特点如下：（1）移动通信利用无线电波进行信息传输。移动通信中基站至用户之间必须靠无线电波来传送消息。然而无线传播环境十分复杂，导致无线电波传播特性一般很差，另外，移动台的运动还会带来多普勒效应，使接收点的信号场强振幅、相位随时间地点而不断地变化，严重影响了通信的质量。这就要求在设计移动通信系统时，必须采取抗衰落措施，保证通信质量；（2）移动通信在强干扰环境下工作，主要干扰包括互调干扰，邻道干扰和同频干扰等；（3）通信容量有限。频率作为一种资源必须合理安排和分配，为满足用户需求量的增加，只能在有限的已有频段中采取有效利用频率措施，如窄带化、频道重复利用、缩小频带间隔等方法来解决；（4）通信系统复杂。由于移动台在通信区域内随时运动，需要随机选用无线信道，进行频率和功率控制、地址登记、越区切换及漫游存取等跟踪技术。这就使其信令种类比固定网要复杂的多。在入网和计费方式上也有特殊的要求，所以移动通信系统是比较复杂的；（5）对移动台的要求高。移动台长期处于不固定位置，外界的影响很难预料，这要求移动台具有很强的适应能力。此外，还要求性能稳定可靠、携带方便、小型、低功耗及能耐高、低温等。同时，要尽量使用户操作方便，适应新业务、新技术的发展，以满足不同人群的使用。这给移动台的设计和制造带来很大的困难。 1.3 简述蜂窝式移动通信的发展历史，说明各代移动通信系统的特点。答：第一代（1G）以模拟式蜂窝网为主要特征，是20世纪70年代末80年代初就开始商用化的。其中最有代表性的是北美的AMPS（Advanced Mobile Phone System）、欧洲的TACS （Total Access Communication System）两大系统，另外还有北欧的NMT及日本的HCMTS 系统等。从技术特色上看，1G以解决两个动态性中最基本的用户这一重动态性为核心并适当考虑到第二重信道动态性。主要是措施是采用频分多址FDMA方式实现对用户的动态寻址功能，并以蜂窝式网络结构和频率规划实现载频再用方式，达到扩大覆盖服务范围和满足用户数量增长的需求。在信道动态特性匹配上，适当采用了性能优良的模拟调频方式，并利用基站二重空间分集方式抵抗空间选择性衰落。第二代（2G）以数字化为主要特征，构成数字式蜂窝移动通信系统，，它于20世纪90年代初正式走向商用。其中最具有代表性的有欧洲的时分多址（TDMA）GSM（GSM原意为Group Special Mobile，1989年以后改为Global System for Mobile Communication）、北美的码分多址（CDMA）的IS-95两大系统，另外还有日本的PDC系统等。从技术特色上看，它是以数字化为基础，较全面地考虑了信道与用户的二重动态特性及相应的匹配措施。主要的实现措施有：采用TDMA（GSM）、CDMA（IS-95）方式实现对用户的动态寻址功能，并以数字式蜂窝网络结构和频率（相位）规划实现载频（相位）再用方式，从而扩大覆盖服务范围和满足用户数量增长的需求。在对信道动态特性的匹配上采取了下面一系列措施：（1）采用抗干扰性能优良的数字式调制：GMSK（GSM）、QPSK（IS-95），性能优良的抗干扰纠错编码：卷积码（GSM、IS-95）、级联码（GSM）；（2）采用功率控制技术抵抗慢衰落和远近效应，这对于CDMA方式的IS-95尤为重要；

汽车利弊英语作文4篇

[标签:标题] 篇一：关于汽车的英语作文好的 Nowadays, with the rapid improvement of people’s living standards, cars have become an indispensable part of people's lives,so that more and more people have a car of their own, especially in cities. It brings some benefits for us but also causes many problems at the same time. For one thing,there’s no doubt that cars provide much convenience for people to go where they want to quickly and easily. Especially on weekday,driving a car can save a lot of time for us to go to work.When some places are too far away from our home, driving our own car is also convenient, we can go wherever we want. However,for another, too many cars will lead to the pressure of public transport, a series of problems will appear.First of all,it will bring about more air pollution,a large amount of polluted air given off by cars do great harm to our health.What’s more, as the existing roads are not so wide for the increasing number of cars,undoubtedly,traffic jams will become more and more serious. Last but not least, cars also place burden on the public facilities in providing more parking lots. As far as I am concerned,everything has its advantages and disadvantages. It’s high time that effective action must be token to limit the ever growing number of cars, the government should take measures to control the air pollution from the cars. Some roads should be widened and more new roads should be constructed. Only in this way，will people benefit from the popularity of cars. 坏的 Nowadays, with the rapid improvement of people's living standards, cars have become an indispensable part of people's lives,so that more and more people have a car of their own, especially in cities.It brings some benefit for us but also causes many problems at the same time. For one thing,it's no doubt that that cars provide much convenience for people to go where they want to quickly and easily. Especially on weekday,driving a car can save a lot of time for us to go to work.When some places are too far away from our home, driving our own car is also convenient, we can go wherever we want. However,for another, too many cars will lead to the pressure of public transport, a series of problems will appear.First of all,it will bring about more air pollution,a large amount of polluted air given off by cars do great harm to our health .What's more, as the existing roads are not so wide for the increasing number of cars,undoubtedly,traffic jams will become more and more serious. Last but not least, cars also place burden on the public facilities in providing more parking lots. As far as I am concerned,everything has its advantages and disadvantages. It's high time that effective action must be token to limit the ever growing number of cars, the government should take measures to control the air pollution from the cars. Some roads should be widened and more new roads should be constructed. Only in this way,will people benefit from the popularity of cars. 篇二：雅思作文高分范文：私家车的利与弊智课网IELTS备考资料雅思作文高分范文：私家车的利与弊

《移动通信》复习试题及答案

《移动通信》复习试题及答案练习一一、填空题 1、移动通信按工作方式分（单工）（双工）（半双工）。 2、移动通信按多址方式分（FDMA）,（TDMA）,（CDMA）。 3、移动通信按信号形式分（模拟网）（数字网） 4、移动通信按覆盖范围分（城域网）（局域网）（广域网）。 5、移动通信按业务类型分（PSTN），（DDN），（ISDN） 6、移动通信按服务特性分（专用网），（公用网）。 7、移动通信按使用环境分（陆地通信），（海上通信），（空中通信）。 8、移动通信按使用对象分（民用系统），（军用系统）。二、简答题 1、什么叫移动通信？答：通信双方至少有一方处在移动情况下(或临时静止)的相互信息传输和交换。 2、移动通信的特点。答：1、移动通信必须利用无线电波进行信息传输 2、移动通信是在复杂的干扰环境中运行的 3、移动通信可以利用的频谱资源非常有限 4、移动通信系统的网络结构多种多样，网络管理和控制必须有效

5、移动台必须适合于在移动环境中使用 3、移动通信的发展趋势。答：1、开发更高频段2、有效利用频谱 3、数字化 4、向个人移动通信发展 5、传输数据速率越来越高。 4、全球3G的三大标准是什么？答：WCDMA、CDMA2000、TD-SCDMA。 5、什么是基站？答：固定不动接发移动台的信号完成与交换中心相连，从而实现移动台信号的收发。 6、什么是移动台？答：接收发送无线信号并且可以移动的终端；包括：手机，车载台、无绳电话等。 7、什么是交换中心？答：交换各种信息的中心，分为有线和无线。无线交换中心为各个移动台所在的基站之间提供交换服务。 9、数字移动通信系统有哪些优点？答：频谱利用率高、容量大，同时可以自动漫游和自动切换，通信质量好，加上其业务种类多、易于加密、抗干扰能力强、用户设备小、成本低。 10、移动通信有哪些主要技术？

介绍北京的英语作文1篇 .doc

介绍北京的英语作文1篇篇一MyFamily Ilovemyfamily,becauseIhaveahappyfamily. MyfatherisanEnglishteacher.HisnameisJacky.Heisthirty-eight.Helikesplay ingbasketball.What’smymotherjop?Issheateacher?Yes,you’reright!Mymotherisverykindandnice,sheisthirty-seven.Mymotherisalways laboriouswork.Ilovemyparents! OnStaurdayandSunday,Ioftengotothelibraryandplaythepiano,Myfathergot oplaybasketball.Sometimes,wewatchTVandlistentomusicathome. Ilovemyfamily.BecauseI’mveryhappytolivewithmyparentstogether! 篇二MyFamily MyFamily Everyonehasafamily.Weliveinitandfeelverywarm.Therearethreepersonsin myfamily,mymother,fatherandI.Welivetogetherveryhappilyandtherearema nyinterestingstoriesaboutmyfamily. Myfatherisahard-workingman.Heworksasadoctor.Healwaystrieshisbesttoh elpevery,patientandmakepatientscomfortable.Butsonetimesheworkssohard thathecan”trememberthedate.

移动通信课后题.

2012-2013学年09级《移动通信》复习题及参考答案第一章概论 1、什么叫移动通信?移动通信有哪些特点？【答】移动通信是指通信双方至少有一方在移动中（或者临时停留在某一非预定的位置上）进行信息传输和交换，这包括移动体（车辆、船舶、飞机或者行人）和移动体之间的通信，移动体和固定点（固定无线电台或有线用户）之间的通信。特点： 1、移动通信必须利用无线电波进行信息传输； 2、移动通信是在复杂的干扰环境中运行的； 3、移动通信可以利用的频谱资源非常有限，而移动通信业务量的需求却与日俱增； 4、移动通信系统的网络结构多种多样，网络管理和控制必须有效； 5、移动通信设备(主要是移动台)必须适于在移动环境中使用。 2、单工通信与双工通信有何区别？各有何优缺点？【答】所谓单工通信，是指通信双方电台交替地进行收信和发信。此工作方式设备简单，功耗小，但操作不便，通话时易产生断断续续的现象。它一般应用于用户少的专用调度系统。所谓双工通信，是指通信双方可同时进行传输消息的工作方式，有时亦称全双工通信。这种方式操作方便，但电能消耗大。模拟或数字式的蜂窝电话系统都采用双工制。第二章调制解调 1、移动通信中对调制解调技术的要求是什么？（请总结3G ，LTE 等高速数据传输对调制解调技术的要求）【答】已调信号的频谱窄和带外衰减快（即所占频带窄，或者说频谱利用率高）；易于采用相干或非相干解调；抗噪声和抗干扰的能力强；以及适宜在衰落信道中传输。已调信号所占的带宽要窄：频谱主瓣窄；已调信号频谱副瓣的幅度要低，辐射到相邻频道的功率就小；经调制解调后的输出信噪比（S/N ）较大或误码率较低。 1、所有的技术必须在规定频带内提供高的传输效率 2、要使信号深衰落引起的误差数降至最小 3、应使用高效率的放大器 4、在衰落条件下获得所需要的误码率 2、已调信号的带宽是如何定义的？FM 信号的带宽如何计算？【答】已调信号的带宽是指已调信号所包含的各种不同频率成分所占据的频率范围。 )(2)1(2m m f FM f f f m B +?=+=

汽车的重要性《英语作文》

汽车的重要性《英语作文》 The automobile has become one of the most important means/ways of transportation in the world since it was invented. The automobile has completely changed the lifestyles of almost all the people in the world. In the past, animals like horses and camels were used for traveling and transporting goods. Automobiles are more comfortable and faster. Automobiles have also made it possible for us to transport large quantities of goods and people at the same time. Besides, the invention of the automobile has provided jobs for millions of people all over the world. 翻译：汽车已经成为世界上最重要的交通工具之一，因为它是发明的。汽车已经完全改变了世界上几乎所有的人的生活方式。在过去，像马和骆驼的动物被用来运送货物。汽车更舒适，更快速。汽车也使我们能够在同一时间运送大量货物和人。此外，汽车的发明为全世界上百万的人提供了工作。

我想去北京英语作文

三一文库（https://www.wendangku.net/doc/ac10772639.html,）〔我想去北京英语作文〕我想去北京的英语作文如何写？那么，下面是小编给大家整理收集的我想去北京英语作文，供大家阅读参考。我想去北京英语作文1 I’d like to go to a beautiful place. I think it would be Beijing. Beijing is not only our capital city, but also a famous city with long history and wonderful culture. Beijing is also China’s political and cultural center. There’re many old places of great interest, such as the Great Wall, the Summer Palace, the Forbidden City, the Temple of Heaven, and Tiananmen Square. Once you see Tiananmen Square, you will think of Beijing. It has been the symbol of Beijing since 1949. 我想去北京英语作文2 I went to Beijing more than eight times. Beijing is the capital of China. It’s a big city. I am very familiar with Beijing. It takes an hour and forty minutes from Nantong to Beijing by plane. There are many tall buildings in Beijing. It’s a modern city. My family visited the Great Wall, the Summer

移动通信技术考试试题与答案

专业：移动通信科目：移动通信技术一、单项选择题 1．GSM网络结构中，Abis接口是（）的接口 A．MSC与HLR B．MSC与VLR C．MSC与BSC D．BSC与BTS 答案：D 2．对讲机属于那种通信方式（） A．半双工通信 B．全双工通信 C．单工通信 D．三工通信答案：A 3．GSM系统对于话务量密集的局部地区，可以采用六列向小区。此时需要采用（）度定向天线 A．360 B．60 C．180 D．120 答案：B 4．实际工程一般要求天线间距大于（）倍信号波长 A．2 B．5 C．10

答案：C 5．GSM网络一般采用列向小区，即天线采用（）度定向天线，把基站分成3个扇形小区 A．360 B．120 C．180 D．60 答案：B 6．CDMA系统容量是模拟系统的（）倍 A．1~2 B．100~200 C．1000~2000 D．10~20 答案：D 7．GSM系统容量是模拟系统的（）倍左右 A．4 B．2 C．3 D．1 答案：B 8．GSM系统信号带宽为（）KHz。 A．200 B．2 C．20

答案：A 9．有线电视属于那种通信方式（） A．全双工通信 B．单工通信 C．半双工通信 D．三工通信答案：B 10．GSM规范中规定：邻频道干扰保护比，C/I > 负（）dB A．6 B．9 C．12 D．3 答案：B 11．无线电广播采用（）方式 A．CDMA B．SDMA C．TDMA D．FDMA 答案：D 12．GSM是一个典型的（）多址系统 A．FDMA B．TDMA C．SDMA D．CDMA

答案：B 13．GSM网络结构，A接口是（）之间的接口A．BSC与BTS B．MSC与VLR C．MSC与HLR D．MSC与BSC 答案：D 14．无线广播属于那种通信方式（） A．三工通信 B．单工通信 C．全双工通信 D．半双工通信答案：B 15．GSM规范中规定：同频道干扰保护比，C/I >（）dB A．6 B．3 C．12 D．9 答案：D 二、多项选择题 1．3G技术要求有哪些（） A．支持多媒体业务 B．上下行不对称 C．速度按需分配 D．OFDM

汽车英文演讲稿

汽车英文演讲稿篇一：汽车英语演讲稿 Good morning everyone ,today, the topic of my lecture（演讲） is “Do you love automobiles（'tmbilz）”. before I start my speech ,I want to ask a question,did there anybody present had seen the movie”the Fast and the Furious['fjrs]”.There are many cars of different styles in the movie,for example ,when you see the movie,you can find roadsters（跑车） just like Porsche（保时捷） GT3,sports utility (通用的）vehicles （车）SUV such as Volkswagen ['f:lks,va:gn]Touareg ['twɑ:reɡ](大众途锐）,even armored cars ,all of them are so powerful and beautiful. When I was a child,I dreamed I can have a car like FORD GT 40,this racing bike（跑车） is amazing and fantastic,but as time goes on ,my hobby is changing,now my favorite car is Jeep Rubicon,this is a car I really want ,it’s dynamic performance（性能） and off-road （越野） performance is top-ranking（一流的） ,which other ordinary SUV is unable to compare; the shape and color of this car is magnificent (华丽的） [mg'nfs()nt],and it’s gear-shift system（齿轮转

2012电子科技大学移动通信期末(题+答案)

移动通信期末复习资料一、名词解释题 1 、移动通信是指通信双方中，至少有一方在移动之中，进行信息传输和交换，包括移动体和移动体之间的通信。 2 、信道编码对要在信道中传送的数字信号进行的纠、检错编码。 3 、越区切换是指将一个正在进行中的呼叫和通信从一个信道、小区过渡至另一个信道、小区，并且保证通信不产生中断的一项技术。 4 、阴影衰落移动通信中，由障碍物阻挡造成的阴影效应，接受信号强度下降，但该场强中值随地理改变缓慢变化，称阴影衰落。 5 、双工通信指通信双方的收发信机均同时工作。同时工作,即任一方在发话的同时,也能收到对方同时工作时无需“按-讲”开关,和市内电话类似。二、填空题 1、移动通信系统按传递信号的不同，可分为模拟信号和数字信号。 2、为了解决蜂窝移动通信网中有限频率资源和不断增长的用户要求矛盾，采取了小区分裂和频率复用两种技术。 3、移动通信按多址方式不同可分为频分多址、时分多址和码分多址。 4、移动通信的工作方式有单工通信、双工通信和半双工通信。 5、移动通信的噪声主要有内部噪声和外部噪声，外部噪声主要有自然噪声和人为噪声。 6、无线电波由于传输路径不同，可分为直射波、反射波、折射波、散射波和绕射波。 7、无线电波从发射到接收之间，收、发信号会受到衰落和延时的干扰，一般将这种干扰称为多径效应。

8、移动通信中的分集接收方式有宏分集和微分集。微分集又分为空间分集、频率分集、时间分集。 9、移动通信在其发展的进程中，容量范围基本上形成了以欧洲、北美和日本三大实业集团。 10、移动通信系统中的用户终端主要指车载台、手机和对讲机，这三种终端的主要区别是功率大小不一样、无线结构不一样。 11、无线电通信电波在系统传输中，接收端的信号会受到衰落和时延的干扰。 12、移动通信系统中为了使用户通信连续有效，则网络系统应具备越区切换、漫游功能和位置管理三种基本功能。 13、移动通信中的干扰有邻道干扰、同频干扰、互调干扰、多址干扰等。 14、移动通信按服务范围和对象可分为专用移动网和公用移动网。 15、移动通信系统逐步向着数字化、智能化、宽带化、全球化和个人通信的方向发展。三、判断题 (对划“√”，错划“╳”) 1、在同一MSC,不同BSC下的切换，系统不需要参和切换过程。（×） 2、使用射频跳频的基站系统，只有在频点大于3个以上时，才有明显效果。（√） 3、跳频可以改善瑞利衰落。（√） 4、移动通信网的信道有控制信道和业务信道两大类。（√） 5、空间分集只能用于基站。（×） 6、扩频系统的抗干扰能力强。（√） 7、IS-95 CDMA是属于第三代通信系统的。（×） 8、在移动通信系统中，相邻小区不允许使用相同频率，否则会产生同频干扰。（×） 9、TDD称为时分双工，收发信号在时间上分开互不干扰，广泛地用于GSM系统。（√） 10、多径效应造成的衰落会随移动台运动速度的加快而加快。（√） 11、3G本身是移动通信网，随着商用化进程的推进，其覆盖范围将遍及几乎所有角落，这样用户的监控点可以部署在任意位置，不受地域限制。（√） 12、SCH（同步信道）的作用有帧同步和时隙同步。（√）

小学一年级介绍北京的英语作文

小学一年级介绍北京的英语作文 Beijing is an ancient city with a long history. Back in 3000 years ago in Zhou dynasty, Beijing, which was called Ji at the moment, had been named capital of Yan. Thereafter, Liao, Jin, Yuan, Ming and Qing dynasty all made Beijing their capital. Therefore, Beijing was famous for "Capital of a thousand years". The long history leaves Beijing precious cultural treasure. Winding for several kilometers in Beijing area, the Great Wall is the only man-made structure that could been seen in the space. The Summer Palace is a classic composition of ancient royal gardens, and the Forbidden City is the largest royal palaces in the world. Tiantan is where the emperor used to fete their ancestors, and also the soul of Chinese ancient constructions. The four sites above has been confirmed world cultural heritage by UNESCO. However, the best representatives for Beijing are the vanishing Hutongs and square courtyards. Through hundreds of years, they have become symbol of Beijing's life. Tian'anmen square being still brilliant today with cloverleaf junctions and skyscrapers everywhere, the old-timey scene and modern culture are combined to present a brand new visage of Beijing. As Beijing has been confirmed home city of Olympics 2008, the spirit of "green Olympics, scientific Olympics and humanized Olympic" will surely bring more and more changes to Beijing, promote the development of sports and Olympics in China as well as in the world, and strengthen the friendly communications between Chinese and foreign people. 北京是一个有着悠久历史的古城。早在 3000 年前的周朝,北京,这叫霁,被命名为首都燕。此后,辽、金、元、明、清都是北京首都。因此,北京著名的一千年的“资本”。悠久的历史使北京宝贵的文化瑰宝。绕组在北京地区几公里,长城是唯一的人造结构,可以在空间。颐和园是古代皇家园林的经典组合,和故宫是世界上最大的皇家宫殿。天坛是皇帝用来祭祀他们的祖先的地方,也是中国古代建筑的灵魂。上面的四个网站已经确认被联合国教科文组织世界文化遗产。然而,北京最好的代表是消失的胡同和广场庭院。数百年来,他们已经成为北京的生活的象征。天安门广场到处都在今天依然灿烂的蝶式路口和摩天大楼的,古色古香的场景和现代文化相结合,提出一个全新的北京的面貌。随着北京 2008 年奥运会已被证实的家乡,精神的“绿色奥运、科技奥
1/5