数据库 外文翻译 外文文献 英文文献 数据库安全

Database Security

“Why do I need to secure my database server? No one can access it —it’s in a DMZ protected by the firewall!” This is often the response when it is recommended that such devices are included within a security health check. In fact, database security is paramount in defending an organizations information, as it may be indirectly exposed to a wider audience than realized.

This is the first of two articles that will examine database security. In this article we will discuss general database security concepts and common problems. In the next article we will focus on specific Microsoft SQL and Oracle security concerns.

Database security has become a hot topic in recent times. With more and more people becoming increasingly concerned with computer security, we are finding that firewalls and Web servers are being secured more than ever(though this does not mean that there are not still a large number of insecure networks out there). As such, the focus is expanding to consider technologies such as databases with a more critical eye.

◆Common sense security

Before we discuss the issues relating to database security it is prudent to high- light the necessity to secure the underlying operating system and supporting technologies. It is not worth spending a lot of effort securing a database if a vanilla operating system is failing to provide a secure basis for the hardening of the data- base. There are a large number of excellent documents in the public domain detailing measures that should be employed when installing various operating systems.

One common problem that is often encountered is the existence of a database on the same server as a web server hosting an Internet (or Intranet) facing application. Whilst this may save the cost of purchasing a separate server, it does seriously affect the security of the solution. Where this is identified, it is often the case that the database is openly connected to the Internet. One recent example I can recall is an Apache Web server serving an organizations Internet offering, with an Oracle database available on the Internet on port 1521. When investigating this issue further it was discovered that access to the Oracle server was not protected (including lack of passwords), which allowed the server to be stopped. The database was not required from an Internet facing perspective, but the use of default settings and careless security measures rendered the server vulnerable.

The points mentioned above are not strictly database issues, and could be classified as architectural and firewall protection issues also, but ultimately it is the database that is compromised. Security considerations have to be made from all parts of a public facing net- work. You cannot rely on someone or something else within your organization protecting your database fr om exposur e.

◆ Attack tools are now available for exploiting weaknesses in SQL and Oracle

I came across one interesting aspect of database security recently while carrying out a security review for a client. We were performing a test against an intranet application, which used a database back end (SQL) to store client details. The security review was proceeding well, with access controls being based on Windows authentication. Only authenticated Windows users were able to see data belonging to them. The application itself seemed to be handling input requests, rejecting all attempts to access the data- base directly.We then happened to come across a backup of the application in the office in which we were working. This media contained a backup of the SQL database, which we restored onto our laptop. All security controls which were in place originally were not restored with the database and we were able to browse the complete database, with no restrictions in place to protect the sensitive data. This may seem like a contrived way of compromising the security of the system, but does highlight an important point. It is often not the direct approach that is taken to attack a target, and ultimately the endpoint is the same; system compromise. A backup copy of the database may be stored on the server, and thus facilitates access to the data indirectly.

There is a simple solution to the problem identified above. SQL 2000 can be configured to use password protection for backups. If the backup is created with password protection, this password must be used when restoring the password. This is an effective and uncomplicated method of stopping simple capture of backup data. It does however mean that the password must be remembered!

◆Curr ent tr ends

There are a number of current trends in IT security, with a number of these being linked to database security.

The focus on database security is now attracting the attention of the attackers. Attack tools are now available for exploiting weaknesses in SQL and Oracle. The emergence of these tools has raised the stakes and we have seen focused attacks against specific data- base ports on servers exposed to the Internet.

One common theme running through the security industry is the focus on application security, and in particular bespoke Web applications. With he functionality of Web applications becoming more and more complex, it brings the potential for more security weaknesses in bespoke application code. In order to fulfill the functionality of applications, the backend data stores are commonly being used to format the content of Web pages. This requires more complex coding at the application end. With developers using different styles in code development, some of which are not as security conscious as other, this can be the source of exploitable errors.

SQL injection is one such hot topic within the IT security industry at the moment. Discussions are now commonplace among technical security forums, with more and more ways and means of exploiting databases coming to light all the time. SQL injection is a misleading term, as the concept applies to other databases, including Oracle, DB2 and Sybase.

◆ What is SQL Injection?

SQL Injection is simply the method of communication with a database using code or commands sent via a method or application not intended by the developer. The most common form of this is found in Web applications. Any user input that is handled by the application is a common source of attack. One simple example of mishandling of user input is highlighted in Figure 1.

Many of you will have seen this common error message when accessing web sites, and often indicates that the user input has not been correctly handled. On getting this type of error, an attacker will focus in with more specific input strings.

Specific security-related coding techniques should be added to coding standard in use within your organization. The damage done by this type of vulnerability can be far reaching, though this depends on the level of privileges the application has in relation to the database.If the application is accessing data with full administrator type privileges, then maliciously run commands will also pick up this level of access, and system compromise is inevitable. Again this issue is analogous to operating system security principles, where programs should only be run with the minimum of permissions that is required. If normal user access is acceptable, then apply this restriction.

Again the problem of SQL security is not totally a database issue. Specific database command or requests should not be allowed to pass through the

application layer. This can be prevented by employing a “secure coding” approach.

Again this is veering off-topic, but it is worth detailing a few basic steps that should be employed.

The first step in securing any application should be the validation and control of user input. Strict typing should be used where possible to control specific data (e.g. if numeric data is expected), and where string based data is required, specific non alphanumeric characters should be prohibited where possible. Where this cannot be performed, consideration should be made to try and substitute characters (for example the use of single quotes, which are commonly used in SQL commands).

Specific security-related coding techniques should be added to coding standard in use within your organization. If all developers are using the same baseline standards, with specific security measures, this will reduce the risk of SQL injection compromises.

Another simple method that can be employed is to remove all procedures within the database that are not required. This restricts the extent that unwanted or superfluous aspects of the database could be maliciously used. This is analogous to removing unwanted services on an operating system, which is common security practice.

◆ Overall

In conclusion, most of the points I have made above are common sense security concepts, and are not specific to databases. However all of these points DO apply to databases and if these basic security measures are employed, the security of your database will be greatly improved.

The next article on database security will focus on specific SQL and Oracle security problems, with detailed examples and advice for DBAs and developers.

There are a lot of similarities between database security and general IT security, with generic simple security steps and measures that can be (and should be) easily implemented to dramatically improve security. While these may seem like common sense, it is surprising how many times we have seen that common security measures are not implemented and so cause

a security exposure.

◆User account and password security

One of the basic first principals in IT security is “make su re you have a good password”. Within this statement I have assumed that a password is set in the first place, though this is often not the case.

I touched on common sense security in my last article, but I think it is important to highlight this again. As with operating systems, the focus of attention within database account security is aimed at administration

accounts. Within SQL this will be the SA account and within Oracle it may be the SYSDBA or ORACLE account.

It is very common for SQL SA accounts to have a password of ‘SA’ or even worse a blank password, which is just as common. This password laziness breaks the most basic security principals, and should be stamped down on. Users would not be allowed to have a blank password on their own domain account, so why should valuable system resources such as databases be allowed to be left unprotected. For instance, a blank ‘SA’password will enable any user with client software (i.e. Microsoft query analyser or enterprise manager to ‘manage’ the SQL server and databases).

With databases being used as the back end to Web applications, the lack of password control can result in a total compromise of sensitive information. With system level access to the database it is possible not only to execute queries into the database, create/modify/delete tables etc, but also to execute what are known as Stored Procedures.

数据库安全

“为什么要确保数据库服务安全呢？任何人都不能访问-这是一个非军事区的保护防火墙”，当我们被建议使用一个带有安全检查机制的装置时，这是通常的反应。事实上，在防护一个组织的信息方面，数据库的安全是至高无上的，因为它可能会间接接触比我们意识到的更广泛的用户。

这是两篇研究数据库安全文章中的第一篇。在这篇文章中我们将讨论一般数

据库安全概念和和比较普遍的问题。在下篇文章，我们将把焦点放在特定的

Microsoft SQL和Oracle的安全关注上。

近来数据库安全已成为一个热门话题。随着越来越多的人关注计算机安全，

我们发现，防火墙和网络服务器比以前都更加安全化了（虽然这并不等于说现在

不再有许多不安全的网络存在）。因此，重点是加大对技术的考虑力度，譬如以

更细腻的审查态度对待数据库。

◆一般安全意识

在我们讨论有关数据库安全问题之前，确保底层操作系统和支撑技术的安

全是审慎而且必要的。如果一个vanilla操作系统无法为数据库提供一个稳妥可

靠的安全基础，花费太多努力去确保数据库安全是不值得的。当安装操作系统时，

有许多好的文献资料可以参考。

经常遇到的一个普遍问题，就是作为网络服务器托管Internet(or Intranet)

的同一服务器上数据库的应用。虽然这可能节省的购买一个单独的服务器费用，

但这严重影响了安全问题。如果这是确定的，当数据库开放地连接到互联网这种

情况被证实了。最近的一个例子，我记得是一个Apache网络服务器系统服务组

织在互联网上提供的，与Oracle数据库在互联网上提供有关端口1521。在调查

这个问题时进一步被发现，访问该Oracle服务器是没有服务器加以制止之类的

保护措施的（包括缺乏密码）。从互联网发展前景看，这个数据库是不被推崇的，

但默认设置的使用以及粗糙的安全措施，使服务器更加脆弱。

上面提到的问题并不是严格地数据库问题，还可以被归类为构建机制和防火

墙保护问题，但最终它确是数据库，这是毫不妥协的。安全方面的考虑从面向网

络的各部分来看而被迫作出的。你不能依靠任何他人或任何别的事以保护你的数

据库安全。

◆由于SQL和Oracle开发的漏洞给攻击工具一个得以使用的空间。

我在最近为客户做的一项安全评估中偶然发现一个数据库安全方面的有趣

的是。我们正在进行对使用一个数据库后端（SQL）以存放客户端的细节的企业

内部应用软件的测试。安全审查过程进展顺利，访问控制基于Windows 认证。

只有通过认证的Windows用户能够看到属于他们的数据。这个应用软件本身好像

对输入要求进行处理，拒绝直接进入资料库的所有尝试。

之后我们在工作的办公室偶然发现一个该应用软件的备份。这个媒体装有SQL数据库的备份，这是我们重新存储到笔记本电脑上的。所有安全控制均到那些原先并未恢复数据库的位置上，而且我们能够在适当的位置无任何限制地浏览完整的数据库，以保护敏感的数据。这可能像是一种妥协的系统安全的方式，但确实是重要的。往往并不是采取直接的方法攻击一个目标，并且最终结果是相同的;系统妥协。数据库备份可以存储在服务器上，从而有利于间接地访问数据。

以上问题有一个简单的办法来解决。在SQL 2000可以为备份设定使用密码保护。如果备份使用了密码保护，当创建密码时就必须使用密码。这是一种有效而且不太复杂的方法阻止备份数据的简单捕获。然而这意味着密码必须记住！

◆当前趋势

在IT安全方面有许多当前趋势，这些中的不少都与数据库安全联系起来。数据库安全方面的焦点正吸引着攻击者的注意力。由于SQL和Oracle开发的漏洞给攻击工具一个得以使用的空间。这些工具的出现提高了赌注，我们已经看到，攻击主要是针对服务器暴露到互联网的特定数据库端口。

贯穿安全业的一个普遍问题是应用软件安全，特别是定制的Web应用程序。随着Web应用程序的功能变得越来越复杂，它带来了应用程序编码方面的安全漏洞的更大的潜在威胁。为了满足应用软件的功能性要求，后端数据存储通常被用来安排网页内容的格式。这就需要更复杂的后端数据编码。开发者使用不同风格的代码开发，其中一部分没有安全意识，这也许是开发错误的源头。

SQL注入就是当前IT安全业的一个热门话题。随着愈来愈多的以期缩短时间的开发数据库的方式和手段的出现，目前在技术安全论坛中，争论是很平常的。SQL注入是一个容易让人误导的术语，因为该概念也适用于其他的数据库，包括Oracle，DB2和Sybase系统。

◆什么是SQL注入？

SQL注入的是软件开发人员所不希望出现的与资料库使用代码或指令发送手段的交流方法。这是发现在Web应用软件最常见的形式。任何用户输入应用软件所不允许的内容是攻击的一个常见来源。

在座很多朋友已经看到了当访问网站时通常的错误消息框，而且往往显示用户输入没有得到正确处理。一旦出现这种类型的错误，攻击者将把焦点放在更具体的输入字符串上。具体的与安全有关的编码技术在使用组织时应加入编码标准。

由于这种类型的脆弱性所造成的损害，可以很深刻的，尽管这会取决于该应用软件与数据库关联的特权级别。如果该软件以管理者类型权限访问数据，然后恶意运行命令也会是这一级别的访问权限，此时系统妥协是不可避免的。还有这个问

题类似于操作系统的安全规则，在那里，项目应该以最低的权限运行，而且这是必要的。如果是正常的用户访问，然后启用这个限制。

同样的问题，SQL的安全也不完全是一个数据库的问题。特定的数据库命令或要求，不应该允许通过应用层。这是可以通过"安全码"的方式加以预防的。这是一个场外话题，但应该被应用的一些基本步骤的详细设计是有必要的。

第一步，在获取任何申请时须验证和控制用户输入。可能的情况下，严格的类型应被设定以控制具体数据（例如，期望得到数值数据，字符串类型数据等），并在可能实现的情况下，如果数据是以字符型为基础的，需要禁止特定的非字母数字字符。如果这是不能实现的，应该做出争取使用替代字符的考虑（例如，使用单引号，这在 SQL命令中时通常被使用的）。

在使用您的组织时具体的与安全有关的编码技术应加入编码标准。如果所有开发商都使用相同的基线标准，特定具体的安全措施，这将大大减少SQL注入妥协的风险。

能够使用的另一种简单的方法，是清除数据库中不再需要的所有程序。这些限制了数据库中不再需要的或者多于过剩的被恶意利用的程度。这类似于消除操作系统内不需要的服务程序，是一种常见的安全实践。

◆总结

总之，我已做出的以上的大多数观点是安全概念的一般意识，并没有具体到某个数据库。然而，所有这些确实应用于数据库，而且如果这些基本的安全措施被应用，你的数据库安全属性将大大改善。在下一篇关于数据库的安全的文章中，将侧重于具体的SQL和Oracle安全问题，有为DBAs和开发商提供的详细例子和意见。

在上面，我们讨论了一般数据库安全概念和共同面临的问题。在这篇文章我们将集中于特定的Microsoft SQL和Oracle的安全问题，同样重要的是缓解这些问题的解决方案。

数据库安全与一般IT安全问题有许多相似之处，都有一些简单的安全措施和步骤，容易实施，从而大大提高安全性。虽然这些看起来像普通常识，但是令人惊讶的是，我们都看到有多少次，常见的安全措施没有落实以至于造成的安全风险。

◆用户账户和密码安全

在IT安全方面的一个首要基本规则，便是“确保你有一个可靠的密码”。在此声明，我已假定首先一个密码已被设定，虽然这种情况往往并非如此。在去年的文章中，我略微谈到了关于一般安全意识的问题，但我认为再次强调这个问题是有必要的，而且至关重要。就像操作系统，人们关注的焦点是内部数据库的

账号安全，其目的在于管理账户。在SQL内，这将成为SA账号，在Oracle内，这可以是SYSDBA或者是Oracle账户。

SQL SA服务账户将“SA”作为密码，这是很常见的，或者更糟糕的是一个空白密码，这同样很普遍。这类密码连最基本的安全规则都懒于限制。用户在自己的域账户上将不允许有一个空白密码，所以为什么宝贵的系统资源，例如数据库容许被毫无保障。举例来说，一个空白的“SA”密码，使含有客户端软件任何用户（如微软的查询分析器或企业经理人去“管理”SQL Server和数据库）。

数据库被用来作为Web应用软件的后端，缺乏密码控制，将导致敏感资料的全盘妥协。随着系统级访问数据库，使得不仅要执行查询到数据库，创建/修改/删除表等，而且也要执行被称为存储程序的内容。

英文文献翻译

中等分辨率制备分离的 快速色谱技术 W. Clark Still,* Michael K a h n , and Abhijit Mitra Departm(7nt o/ Chemistry, Columbia Uniuersity,1Veu York, Neu; York 10027 ReceiLied January 26, 1978 我们希望找到一种简单的吸附色谱技术用于有机化合物的常规净化。这种技术是适于传统的有机物大规模制备分离，该技术需使用长柱色谱法。尽管这种技术得到的效果非常好，但是其需要消耗大量的时间，并且由于频带拖尾经常出现低复原率。当分离的样本剂量大于1或者2g时，这些问题显得更加突出。近年来，几种制备系统已经进行了改进，能将分离时间减少到1-3h，并允许各成分的分辨率ΔR f≥（使用薄层色谱分析进行分析）。在这些方法中，在我们的实验室中，媒介压力色谱法1和短柱色谱法2是最成功的。最近，我们发现一种可以将分离速度大幅度提升的技术，可用于反应产物的常规提纯，我们将这种技术称为急骤色谱法。虽然这种技术的分辨率只是中等（ΔR f≥），而且构建这个系统花费非常低，并且能在10-15min内分离重量在的样本。4 急骤色谱法是以空气压力驱动的混合介质压力以及短柱色谱法为基础，专门针对快速分离，介质压力以及短柱色谱已经进行了优化。优化实验是在一组标准条件5下进行的，优化实验使用苯甲醇作为样本，放在一个20mm*5in.的硅胶柱60内，使用Tracor 970紫外检测器监测圆柱的输出。分辨率通过持续时间（r）和峰宽（w,w/2）的比率进行测定的（Figure 1），结果如图2-4所示，图2-4分别放映分辨率随着硅胶颗粒大小、洗脱液流速和样本大小的变化。

外文翻译 - 英文

The smart grid Smart grid is the grid intelligent (electric power), also known as the "grid" 2.0, it is based on the integration, high-speed bidirectional communication network, on the basis of through the use of advanced sensor and measuring technology, advanced equipme nt technology, the advanced control method, and the application of advanced technology of decision support system, realize the power grid reliability, security, economic, efficient, environmental friendly and use the security target, its main features include self-healing, incentives and include user, against attacks, provide meet user requirements of power quality in the 21st century, allow all sorts of different power generation in the form of access, start the electric power market and asset optimizatio n run efficiently. The U.S. department of energy (doe) "the Grid of 2030" : a fully automated power transmission network, able to monitor and control each user and power Grid nodes, guarantee from power plants to end users among all the nodes in the whole process of transmission and distribution of information and energy bi-directional flow. China iot alliance between colleges: smart grid is made up of many parts, can be divided into:intelligent substation, intelligent power distribution network, intelli gent watt-hourmeter,intelligent interactive terminals, intelligent scheduling, smart appliances, intelligent building electricity, smart city power grid, smart power generation system, the new type of energy storage system.Now a part of it to do a simple i ntroduction. European technology BBS: an integration of all users connected to the power grid all the behavior of the power transmission network, to provide sustained and effective economic and security of power. Chinese academy of sciences, institute of electrical: smart grid is including all kinds of power generation equipment, power transmission and distribution network, power equipment and storage equipment, on the basis of the physical power grid will be modern advanced sensor measurement technology, network technology, communication

指纹识别系统(文献综述)

指纹识别方法的综述 摘 要: 对在指纹的预处理和特征提取、指纹分类、指纹的匹配过程中的方向图、滤波器、神经网络等关 键性原理和技术做了详细的说明,并对在各个过程中用到的方法做了进一步的比较,讨论了各种方法的优越性。 0 引 言 自动指纹识别是上世纪六十年代兴起的,利用计算机取代人工来进行指纹识别的一种方法。近年 来,随着计算机技术的飞速发展,低价位指纹采集仪的出现以及高可靠算法的实现,更使得自动指纹识 别技术越来越多地进入到人们的生活和工作中,自动指纹识别系统的研究和开发正在成为国内外学术 界和商业界的热点。相对于其他生物特征鉴别技术例如语音识别及虹膜识别,指纹识别具有许多独到 的优点,更重要的是它具有很高的实用性和可行性,已经被认为是一种理想的身份认证技术,有着十分 广泛的应用前景,是将来生物特征识别技术的主流。 1 指纹取像 图 1 是一个自动指纹识别系统AFIS(Automated Fingerprint Identification System) 的简单流程。 → → → ↓ ↑ ———— 将一个人的指纹采集下来输入计算机进行处理是指纹自动识别的首要步骤。指纹图像的获取主要利用设备取像,方便实用,比较适合AFIS 。利用设备取像的主要方法又利用光学设备、晶体传感器和超声波来进行。光学取像设备是根据光的全反射原理来设计的。晶体传感器取像是根据谷线和脊线皮肤与传感器之间距离不同而产生的电容不同来设计的。超声波设备取像也是采用光波来取像,但由于超声波波长较短,抗干扰能力较强,所以成像的质量非常好。 2 图像的预处理与特征提取 无论采取哪种方法提取指纹,总会给指纹图像带来各种噪声。预处理的目的就是去除图像中的噪 音,把它变成一幅清晰的点线图,以便于提取正确的指纹特征。预处理是指纹自动识别过程的第一步, 它的好坏直接影响着指纹识别的效果。常用的预处理与特征提取( Image Preprocessing and Feature Ex 2 t raction) 方法的主要步骤包括方向图计算、图像滤波、二值化、细化、提取特征和后处理。当然这些步骤 可以根据系统和应用的具体情况再进行适当变化。文献[ 1 ]提出了基于脊线跟踪的方法能够指纹取像 图像预处理 特征提取 指纹识别 数据库管理

频谱感知技术外文翻译文献

频谱感知技术外文翻译文献 (文档含中英文对照即英文原文和中文翻译) 译文： 一种新的协作频谱感知算法 摘要 该文提出了一种在认知无线网络控制信道带宽受限条件下基于信任度的双门限协同频谱感知算法。首先每个认知用户基于双检测门限独立进行频谱感知，但只有部分可靠的认知用户通过控制信道向认知无线网络基站发送本地感知结果。当所有的用户都不可靠时，选取信任度最高的认知用户发送本地感知结果进行判决。理论分析和仿真表明，同常规能量检测算法相比较，该算法能够在控制信道带宽受限条件下，以较少的网络开销获得更好的频谱感知性能。 关键词：认知无线电；频谱感知；信任度；双门限 1引言 随着无线通信技术的飞速发展，有限的频谱资源与不断增长的无线通信需求的矛盾越来越突出。然而根据现有的固定分配频谱资源策略，绝大多数频谱资源得不到有效利用。据FCC 的调查统计，70%的已分配频谱资源没有得到有效利用]1[。为了提高频谱资源的利用率，认知无线电技术由Joseph Mitola Ⅲ提出并得到了广泛的关注]5[]2[ 。频谱感知技术是认知无线电网络的支撑技术之一。通常它又可以分为

能量检测法、匹配滤波器法和循环平稳特征法[4]。能量检测算法因为应用简单且无需知道任何授权用户信号的先验知识成为研究热点。认知用户在接入授权频带之前，必须首先感知该频带空闲即授权用户没有工作，否则会对授权用户造成干扰。一旦授权用户重新工作，认知用户必须退避，实现在不对授权用户产生干扰的情况下对频谱资源的共享。由于实际信道中的多径和阴影效应，单个认知用户频谱感知的性能并不乐观，针对这个问题D. Cabric 等人提出了协同频谱感知算法[5]-[6]。协同频谱感知算法性能较好，但是当认知用户数量很大的时候，控制信道的带宽将不够用。文献[7]中提出了一种在控制信道带宽受限条件下的基于双检测门限的频谱感知算法，该算法能够以较小的网络开销，获得接近普通单门限频谱检测算法的性能。针对认知无线电频谱感知的需要，本文提出了认知无线电环境下一种基于信任度的双门限协同频谱感知算法。该算法中每个认知用户基于双检测门限独立进行频谱感知，但只有部分可靠的认知用户通过控制信道向认知无线网络基站发射感知报告。当所有的用户都不可靠时，选取信任度最高的认知用户发射感知报告进行判决。本文对该算法进行了性能分析并通过仿真表明，本文方法比较常规能量检测算法，在减小网络开销的同时提高了检测性能。 2系统模型 假设一个认知无线电网络有N 个认知用户和一个认知无线网络基站，如图1 所示。认知无线网络基站负责管理和联系N 个认知用户，在收到认知用户的检测报告后做出最终判决。 图1. 认知无线电网络示意图 频谱感知的实质是一个二元假设问题，即 01 (),,()()()(),n t H x t h t s t n t H ?=??+? （1）

计算机网络-外文文献-外文翻译-英文文献-新技术的计算机网络

New technique of the computer network Abstract The 21 century is an ages of the information economy, being the computer network technique of representative techniques this ages, will be at very fast speed develop soon in continuously creatively, and will go deep into the people's work, life and study. Therefore, control this technique and then seem to be more to deliver the importance. Now I mainly introduce the new technique of a few networks in actuality live of application. keywords Internet Network System Digital Certificates Grid Storage 1. Foreword Internet turns 36, still a work in progress Thirty-six years after computer scientists at UCLA linked two bulky computers using a 15-foot gray cable, testing a new way for exchanging data over networks, what would ultimately become the Internet remains a work in progress. University researchers are experimenting with ways to increase its capacity and speed. Programmers are trying to imbue Web pages with intelligence. And work is underway to re-engineer the network to reduce Spam (junk mail) and security troubles. All the while threats loom: Critics warn that commercial, legal and political pressures could hinder the types of innovations that made the Internet what it is today. Stephen Crocker and Vinton Cerf were among the graduate students who joined UCLA professor Len Klein rock in an engineering lab on Sept. 2, 1969, as bits of meaningless test data flowed silently between the two computers. By January, three other "nodes" joined the fledgling network.

外文翻译computerprogram英文.doc

Computer Program 1 Introduction Computer Program, set of instructions that directs a computer to perform someprocessing function or combination of functions. For the instructions to be carried out, a computer must execute a program, that is, the computer reads the program, and then follow the steps encoded in the program in a precise order until completion. A program can be executed many different times, with each execution yielding a potentially different result depending upon the options and data that the user gives the computer. Programs fall into two major classes: application programs and operating systems. An application program is one that carries out somefunction directly for a user, such as word processing or game-playing. An operating system is a program that manages the computer and the various resources and devices connected to it, such as RAM,hard drives, monitors, keyboards, printers, and modems,so that they maybe used by other programs. Examples of operating systems are DOS, Windows 95, OS\2, and UNIX. 2 Program Development Software designers create new programs by using special applications programs, often called utility programs or development programs. A programmer uses another type of program called a text editor to write the new program in a special notation called a programming language. With the text editor, the programmer creates a text file, which is an ordered list of instructions, also called the program source file. The individual instructions that make up the program source file are called source code. At this point, a special applications program translates the source code into machine language, or object code— a format that the operating system

机械设计外文翻译(中英文)

机械设计理论 机械设计是一门通过设计新产品或者改进老产品来满足人类需求的应用技术科学。它涉及工程技术的各个领域，主要研究产品的尺寸、形状和详细结构的基本构思，还要研究产品在制造、销售和使用等方面的问题。 进行各种机械设计工作的人员通常被称为设计人员或者机械设计工程师。机械设计是一项创造性的工作。设计工程师不仅在工作上要有创造性，还必须在机械制图、运动学、工程材料、材料力学和机械制造工艺学等方面具有深厚的基础知识。如前所诉，机械设计的目的是生产能够满足人类需求的产品。发明、发现和科技知识本身并不一定能给人类带来好处，只有当它们被应用在产品上才能产生效益。因而，应该认识到在一个特定的产品进行设计之前，必须先确定人们是否需要这种产品。 应当把机械设计看成是机械设计人员运用创造性的才能进行产品设计、系统分析和制定产品的制造工艺学的一个良机。掌握工程基础知识要比熟记一些数据和公式更为重要。仅仅使用数据和公式是不足以在一个好的设计中做出所需的全部决定的。另一方面，应该认真精确的进行所有运算。例如，即使将一个小数点的位置放错，也会使正确的设计变成错误的。 一个好的设计人员应该勇于提出新的想法，而且愿意承担一定的风险，当新的方法不适用时，就使用原来的方法。因此，设计人员必须要有耐心，因为所花费的时间和努力并不能保证带来成功。一个全新的设计，要求屏弃许多陈旧的，为人们所熟知的方法。由于许多人墨守成规，这样做并不是一件容易的事。一位机械设计师应该不断地探索改进现有的产品的方法，在此过程中应该认真选择原有的、经过验证的设计原理，将其与未经过验证的新观念结合起来。 新设计本身会有许多缺陷和未能预料的问题发生，只有当这些缺陷和问题被解决之后，才能体现出新产品的优越性。因此，一个性能优越的产品诞生的同时，也伴随着较高的风险。应该强调的是，如果设计本身不要求采用全新的方法，就没有必要仅仅为了变革的目的而采用新方法。 在设计的初始阶段，应该允许设计人员充分发挥创造性，不受各种约束。即使产生了许多不切实际的想法，也会在设计的早期，即绘制图纸之前被改正掉。只有这样，才不致于堵塞创新的思路。通常，要提出几套设计方案，然后加以比较。很有可能在最后选定的方案中，采用了某些未被接受的方案中的一些想法。

虹膜识别外文翻译文献

虹膜识别外文翻译文献 虹膜识别外文翻译文献 (文档含中英文对照即英文原文和中文翻译) 外文： The first chapter 1.1 The research background of iris recognition Biometrics is a technology for personal identification using physiological characteristics and behavior characteristics inherent in the human body. Can be used for the biological characteristics of biological recognition, fingerprint, hand type face, iris, retina, pulse, ear etc.. Behavior has the following characteristics: signature, voice, gait, etc.. Based on these characteristics, it has been the development of hand shape recognition, fingerprint recognition, facial recognition, iris recognition, signature recognition and other biometric technology, many techniques have been formed and mature to application of. Biological recognition technology in a , has a long history, the ancient Egyptians through identification of each part of the body size measure to carry out identity may be the earliest human based on the earliest history of biometrics. But the modern biological recognition technology began in twentieth Century 70 time metaphase, as biometric devices early is relatively expensive, so only a higher security level atomic test, production base.due to declining cost of microprocessor and various electronic components, precision gradually improve, control device of a biological recognition technology has been gradually applied to commerce authorized, such as access control, attendance management, management system, safety certification field etc.. All biometric technology, iris recognition is currently used as a convenient and accurate.

无线射频识别技术外文翻译参考文献

无线射频识别技术外文翻译参考文献(文档含中英文对照即英文原文和中文翻译) 翻译： 当前无线射频识别技术应用略述 摘要 无线射频识别技术可以自动识别多目标并以非接触式方式移动目标。越来越多的零售商、银行、交通管理系统、展览及物流供应商将这项新技术应

用于他们的产品和服务。因此，这给RFID技术的研究带来了机遇和挑战。本文简单介绍了RFID系统的组成、原理及RFID技术的特点。本文比较了RFID 与传统条码，然后提供了一个简短的关于目前RFID应用情况的调查报告。 关键词：无线射频识别技术应用物流

一、简 介 无线射频识别（RFID ）是一种识别技术。与RFID 技术的前身——条码技术相比，RFID 技术具有很多的优点。但由于其成本高，RFID 技术至今未能广泛应用到各行各业。RFID 技术因其无需视线扫描而具有无可比拟的先进性，它能够降低劳动力水平，提高知名度并改善库存管理。 RFID 技术的普及提供了一项人或物体定位及追踪的解决方案。RFID 定位与跟踪系统根据独特的识别标签、阅读器与物体标签间射频通信的信号强度确定物体的空间位置，主要适用于室内，而GPS 系统是不适合应用于室内的。 RFID 技术是一项基于“无线电频率”的非接触式的自动识别技术，自动识别静态或动态的人和对象。 RFID 标签是一个特殊的微芯片，植入商品中，可以跟踪和管理物理对象，是物流管理信息化和跟踪信息化的重要手段。 RFID 的系统组成部分包括： (1）标签（应答器）：对象植入待确定。 (2）阅读器：可以读或读/写，按结构和技术。正如图1-1，RFID 的工作原理 图1-1 RFID 的工作原理 与计算机通讯 阅读器 电磁波（操作指 令和新的数据） 标签 发出的ID 代码和数据

变电站_外文翻译_外文文献_英文文献_变电站的综合概述

英文翻译 A comprehensive overview of substations Along with the economic development and the modern industry developments of quick rising, the design of the power supply system become more and more completely and system. Because the quickly increase electricity of factories, it also increases seriously to the dependable index of the economic condition, power supply in quantity. Therefore they need the higher and more perfect request to the power supply. Whether Design reasonable, not only affect directly the base investment and circulate the expenses with have the metal depletion in colour metal, but also will reflect the dependable in power supply and the safe in many facts. In a word, it is close with the economic performance and the safety of the people. The substation is an importance part of the electric power system, it is consisted of the electric appliances equipments and the Transmission and the Distribution. It obtains the electric power from the electric power system, through its function of transformation and assign, transport and safety. Then transport the power to every place with safe, dependable, and economical. As an important part of power’s transport and control, the transformer substation must change the mode of the traditional design and control, then can adapt to the modern electric power system, the development of modern industry and the of trend of the society life. Electric power industry is one of the foundations of national industry and national economic development to industry, it is a coal, oil, natural gas, hydropower, nuclear power, wind power and other energy conversion into electrical energy of the secondary energy industry, it for the other departments of the national economy fast and stable development of the provision of adequate power, and its level of development is a reflection of the country's economic development an important indicator of the level. As the power in the industry and the importance of the national economy, electricity transmission and distribution of electric energy used in these areas is an indispensable component.。Therefore, power transmission and distribution is critical. Substation is to enable superior power plant power plants or power after adjustments to the lower load of books is an important part of power transmission. Operation of its functions, the capacity of a direct impact on the size of the lower load power, thereby affecting the industrial production and power consumption.Substation system if a link failure, the system will protect the part of action. May result in power outages and so on, to the production and living a great disadvantage. Therefore, the substation in the electric power system for the protection of electricity reliability,

机械专业外文翻译(中英文翻译)

外文翻译 英文原文 Belt Conveying Systems Development of driving system Among the methods of material conveying employed，belt conveyors play a very important part in the reliable carrying of material over long distances at competitive cost．Conveyor systems have become larger and more complex and drive systems have also been going through a process of evolution and will continue to do so．Nowadays，bigger belts require more power and have brought the need for larger individual drives as well as multiple drives such as 3 drives of 750 kW for one belt(this is the case for the conveyor drives in Chengzhuang Mine)．The ability to control drive acceleration torque is critical to belt conveyors’performance．An efficient drive system should be able to provide smooth，soft starts while maintaining belt tensions within the specified safe limits．For load sharing on multiple drives．torque and speed control are also important considerations in the drive system’s design. Due to the advances in conveyor drive control technology，at present many more reliable．Cost-effective and performance-driven conveyor drive systems covering a wide range of power are available for customers’ choices[1]. 1 Analysis on conveyor drive technologies 1．1 Direct drives Full-voltage starters．With a full-voltage starter design，the conveyor head shaft is direct-coupled to the motor through the gear drive．Direct full-voltage starters are adequate for relatively low-power, simple-profile conveyors．With direct fu11-voltage starters．no control is provided for various conveyor loads and．depending on the ratio between fu11-and no-1oad power requirements，empty starting times can be three or four times faster than full load．The maintenance-free starting system is simple，low-cost and very reliable．However, they cannot control starting torque and maximum stall torque；therefore．they are

单片机技术发展与应用中英文对照外文翻译文献

(文档含英文原文和中文翻译) 中英文对照外文翻译 单片机技术的发展与应用 从无线电世界到单片机世界现代计算机技术的产业革命，将世界经济从资本经济带入到知识经济时代。在电子世界领域，从 20 世纪中的无线电时代也进入到 21 世纪以计算机技术为中心的智能化现代电子系统时代。现代电子系统的基本核心是嵌入式计算机系统(简称嵌入式系统)，而单片机是最典型、最广泛、最普及的嵌入式系统。 一、无线电世界造就了几代英才。在 20 世纪五六十年代，最具代表的先进的电子技术就是无线电技术，包括无线电广播，收音，无线通信(电报)，业余无线电台，无

线电定位，导航等遥测、遥控、遥信技术。早期就是这些电子技术带领着许多青少年步入了奇妙的电子世界，无线电技术展示了当时科技生活美妙的前景。电子科学开始形成了一门新兴学科。无线电电子学，无线通信开始了电子世界的历程。无线电技术不仅成为了当时先进科学技术的代表，而且从普及到专业的科学领域，吸引了广大青少年，并使他们从中找到了无穷的乐趣。从床头的矿石收音机到超外差收音机；从无线电发报到业余无线电台；从电话，电铃到无线电操纵模型。无线电技术成为当时青少年科普、科技教育最普及，最广泛的内容。至今，许多老一辈的工程师、专家、教授当年都是无线电爱好者。无线电技术的无穷乐趣，无线电技术的全面训练，从电子学基本原理，电子元器件基础到无线电遥控、遥测、遥信电子系统制作，培养出了几代科技英才。 二、从无线电时代到电子技术普及时代。早期的无线电技术推动了电子技术的发展，其中最主要的是真空管电子技术向半导体电子技术的发展。半导体电子技术使有源器件实现了微小型化和低成本，使无线电技术有了更大普及和创新，并大大地开阔了许多非无线电的控制领域。半导体技术发展导致集成电路器件的产生，形成了近代电子技术的飞跃，电子技术从分立器件时代走进了电路集成时代。电子设计工程师不再用分立的电子元器件设计电路单元，而直接选择集成化的电路单元器件构成系统。他们从电路单元设计中解放出来，致力于系统设计，大大地解放了科技生产力，促进了电子系统更大范围的普及。半导体集成电路首先在基本数字逻辑电路上取得突破。大量数字逻辑电路，如门电路，计数器，定时器，移位寄存器以及模拟开关，比较器等，为电子数字控制提供了极佳的条件，使传统的机械控制转向电子控制。功率电子器件以及传感技术的发展使原先以无线电为中心的电子技术开始转向工程领域中的机械系统的数字控制，检测领域中的信息采集，运动机械对象的电气伺服驱动控制。半导体及其集成电路技术将我们带入了一个电子技术普及时代，无线电技术成为电子技术应用领域的一个部分。进20世纪70年代，大规模集成电路出现，促进了常规的电子电路单元的专用电子系统发展。许多专用电子系统单元变成了集成化器件，如收音机，电子钟，计算器等，在这些领域的电子工程师从电路系统的精心设计，调试转变为器件选择，外围器件适配工作。电子技术发展了，电子产品丰富了，电子工程师的难度减少了，但与此同时，无线电技术，电子技术的魅力却削弱了。半导体集成电路的发展使经典电子系统日趋完善，留在大规模集成电路以外的电子技术日益减少，电子技术没有了往昔无线电时代的无穷乐趣和全面的工程训练。 三、从经典电子技术时代到现代电子技术时代进入 20 世纪 80 年代，世界经济

博物馆 外文翻译 外文文献 英文文献

第一篇： 航空博物馆与航空展示公园 巴特罗米耶杰·基谢列夫斯基 飞翔的概念、场所的精神、老机场的建筑---克拉科夫新航空博物馆理性地吸取了这些元素，并将它们整合到一座建筑当中。Rakowice-Czyzyny机场之前的旧飞机修理库为新建筑的平面和高度设定了模数比例。在此基本形态上进一步发展，如同裁切和折叠一架纸飞机，生成了一座巨大的建筑。其三角形机翼是由混凝土制成，却如同风动螺旋桨一样轻盈。这个机翼宽大通透，向各个方向开敞。它们的形态与组织都是依据内部功能来设计的。机翼部分为3个不平衡的平面，使内外景观在不断变化中形成空间的延续性，并且联系了建筑内的视觉焦点和室外的展览区。 新航空展示公园的设计连接了博物馆的8栋建筑和户外展览区，并与历史体验建立联系。从前的视觉轴线与通道得到尊重，旧的道路得到了完善，朝向飞机场和跑道的空间被限定出来。每栋建筑展示了一个主题或是一段飞行史。建筑周围伸展出巨大的平台，为特殊主题的室外展览提供了空间。博物馆容纳了超过150架飞机、引擎、飞行复制品、成套的技术档案和历史图片。这里的特色收藏是飞机起源开始的各种飞行器，如Jatho1903、Grade1909、莱特兄弟1909年的飞机模型和1911年的鸽式单翼机。 The first passage: Museum for aviation and aviation exhibition park Bartiomiej Kislelewski The idea of flying, the spirit of place, the structure of the historic airfield – the new Museum of Aviation in Krakow takes up these references intellectually and synthesizes them into a building. The old hangars of the former airport Rakowice Czyzyny set the modular scale for the footprint and the height of the new building. Developed from this basic shape, as if cut out and folded like a paper airplane, a large structure has been generated, with triangular wings made of concrete and yet as light as a wind-vane propeller. The wings are generously glazed and open in all directions. Their form and arrangement depend on the interior uses. In the floor plans of the wings, the three offset