计算机类_外文文献_翻译

1

外文文献：

Core Java? Volume II–Advanced Features When Java technology first appeared on the scene, the excitement was not about a well-crafted programming language but about the possibility of safely executing applets that are delivered over the Internet (see V olume I, Chapter 10 for more information about applets). Obviously, delivering executable applets is practical only when the recipients are sure that the code can't wreak havoc on their machines. For this reason, security was and is a major concern of both the designers and the users of Java technology. This means that unlike other languages and systems, where security was implemented as an afterthought or a reaction to break-ins, security mechanisms are an integral part of Java technology.

Three mechanisms help ensure safety:

?Language design features (bounds checking on arrays, no unchecked type conversions, no pointer arithmetic, and so on).

?An access control mechanism that controls what the code can do (such as file access, network access, and so on).

?Code signing, whereby code authors can use standard cryptographic algorithms to authenticate Java code. Then, the users of the code can determine exactly who created the code and whether the code has been altered after it was signed.

Below, you'll see the cryptographic algorithms supplied in the java.security package, which allow for code signing and user authentication.

As we said earlier, applets were what started the craze over the Java platform. In practice, people discovered that although they could write animated applets like the famous "nervous text" applet, applets could not do a whole lot of useful stuff in the JDK 1.0 security model. For example, because applets under JDK 1.0 were so closely supervised, they couldn't do much good on a corporate intranet, even though relatively little risk attaches to executing an applet from your company's secure intranet. It quickly became clear to Sun that for applets to become truly useful, it was important for users to be able to assign different levels of security, depending on where the applet originated. If an applet comes from a trusted supplier and it has not been tampered with, the user of that applet can then decide whether to give the applet more privileges.

To give more trust to an applet, we need to know two things:

?Where did the applet come from?

?Was the code corrupted in transit?

In the past 50 years, mathematicians and computer scientists have developed sophisticated algorithms for ensuring the integrity of data and for electronic signatures. The java.security package contains implementations of many of these algorithms. Fortunately, you don't need to understand the underlying mathematics to use the algorithms in the java.security package. In the next sections, we show you how message digests can detect changes in data files and how digital signatures can prove the identity of the signer.

A message digest is a digital fingerprint of a block of data. For example, the so-called SHA1 (secure hash algorithm #1) condenses any data block, no matter how long, into a sequence of 160 bits (20 bytes). As with real fingerprints, one hopes that no two messages have the same SHA1 fingerprint. Of course, that cannot be true—there are only 2160 SHA1 fingerprints, so there must be some messages with the same fingerprint. But 2160is so large that the probability of duplication occurring is negligible. How negligible? According to James Walsh in True Odds: How Risks Affect Your Everyday Life (Merritt Publishing 1996), the chance that you will die from being struck by lightning is about one in 30,000. Now, think of nine other people, for example, your nine least favorite managers or professors. The chance that you and all of them will die from lightning strikes is higher than that of a forged message having the same SHA1 fingerprint as the original. (Of course, more than ten people, none of whom you are likely to know, will die from lightning strikes. However, we are talking about the far slimmer chance that your particular choice of people will be wiped out.)

A message digest has two essential properties:

?If one bit or several bits of the data are changed, then the message digest also changes.

? A forger who is in possession of a given message cannot construct a fake message that has the same message digest as the original.

The second property is again a matter of probabilities, of course. Consider the following message by the billionaire father:"Upon my death, my property shall be divided equally among my children; however, my son George shall receive nothing."

That message has an SHA1 fingerprint of

2D 8B 35 F3 BF 49 CD B1 94 04 E0 66 21 2B 5E 57 70 49 E1 7E

The distrustful father has deposited the message with one attorney and the fingerprint with another. Now, suppose George can bribe the lawyer holding the message. He wants to change the message so that Bill gets nothing. Of course, that changes the fingerprint to a completely different bit pattern:

2A 33 0B 4B B3 FE CC 1C 9D 5C 01 A7 09 51 0B 49 AC 8F 98 92

Can George find some other wording that matches the fingerprint? If he had been the proud owner of a billion computers from the time the Earth was formed, each computing a million messages a second, he would not yet have found a message he could substitute.

A number of algorithms have been designed to compute these message digests. The two best-known are SHA1, the secure hash algorithm developed by the National Institute of Standards and Technology, and MD5, an algorithm invented by Ronald Rivest of MIT. Both algorithms scramble the bits of a message in ingenious ways. For details about these algorithms, see, for example, Cryptography and Network Security, 4th ed., by William Stallings (Prentice Hall 2005). Note that recently, subtle regularities have been discovered in both algorithms. At this point, most cryptographers recommend avoiding MD5 and using SHA1 until a stronger alternative becomes available. (See https://www.360docs.net/doc/7618167438.html,/rsalabs/node.asp?id=2834 for more information.) The Java programming language implements both SHA1 and MD5. The MessageDigest class is a factory for creating objects that encapsulate the fingerprinting algorithms. It has a static method, called getInstance, that returns an object of a class that extends the MessageDigest class. This means the MessageDigest class serves double duty:

?As a factory class

?As the superclass for all message digest algorithms

For example, here is how you obtain an object that can compute SHA fingerprints:

MessageDigest alg = MessageDigest.getInstance("SHA-1");

(To get an object that can compute MD5, use the string "MD5" as the argument to getInstance.)

After you have obtained a MessageDigest object, you feed it all the bytes in the message by repeatedly calling the update method. For example, the following code passes all bytes in a file to the alg object just created to do the fingerprinting：

InputStream in = . . .

int ch;

while ((ch = in.read()) != -1)

alg.update((byte) ch);

Alternatively, if you have the bytes in an array, you can update the entire array at once:

byte[] bytes = . . .;

alg.update(bytes);

When you are done, call the digest method. This method pads the input—as required by the fingerprinting algorithm—does the computation, and returns the digest as an array of bytes.

byte[] hash = alg.digest();

The program in Listing 9-15 computes a message digest, using either SHA or MD5. You can load the data to be digested from a file, or you can type a message in the text area.

Message Signing

In the last section, you saw how to compute a message digest, a fingerprint for the original message. If the message is altered, then the fingerprint of the altered message will not match the fingerprint of the original. If the message and its fingerprint are delivered separately, then the recipient can check whether the message has been tampered with. However, if both the message and the fingerprint were intercepted, it is an easy matter to modify the message and then recompute the fingerprint. After all, the message digest algorithms are publicly known, and they don't require secret keys. In that case, the recipient of the forged message and the recomputed fingerprint would never know that the message has been altered. Digital signatures solve this problem.

To help you understand how digital signatures work, we explain a few concepts from the field called public key cryptography. Public key cryptography is based on the notion of a public key and private key. The idea is that you tell everyone in the world your public key. However, only you hold the private key, and it is important that you safeguard it and don't release it to anyone else. The keys are matched by mathematical relationships, but the exact nature of these relationships is not important for us. (If you are interested, you can look it up in The Handbook of Applied Cryptography at http://www.cacr.math.uwaterloo.ca/hac/.)

The keys are quite long and complex. For example, here is a matching pair of public and

private Digital Signature Algorithm (DSA) keys.

Public key:

Code View:

p:

fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df 63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17

q: 962eddcc369cba8ebb260ee6b6a126d9346e38c5

g:678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd7 3da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4

y:

c0b6e67b4ac098eb1a32c5f8c4c1f0e7e6fb9d832532e27d0bdab9ca2d2a8123ce5a8018b8161 a760480fadd040b927281ddb22cb9bc4df596d7de4d1b977d50

Private key:

Code View:

p:

fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df 63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17

q: 962eddcc369cba8ebb260ee6b6a126d9346e38c5

g:

678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73 da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4

x: 146c09f881656cc6c51f27ea6c3a91b85ed1d70a

It is believed to be practically impossible to compute one key from the other. That is, even though everyone knows your public key, they can't compute your private key in your lifetime, no matter how many computing resources they have available.

It might seem difficult to believe that nobody can compute the private key from the public keys, but nobody has ever found an algorithm to do this for the encryption algorithms that are in common use today. If the keys are sufficiently long, brute force—simply trying all possible keys—would require more computers than can be built from all the atoms in the solar system, crunching away for thousands of years. Of course, it is possible that someone could come up with

algorithms for computing keys that are much more clever than brute force. For example, the RSA algorithm (the encryption algorithm invented by Rivest, Shamir, and Adleman) depends on the difficulty of factoring large numbers. For the last 20 years, many of the best mathematicians have tried to come up with good factoring algorithms, but so far with no success. For that reason, most cryptographers believe that keys with a "modulus" of 2,000 bits or more are currently completely safe from any attack. DSA is believed to be similarly secure.

Figure 9-12 illustrates how the process works in practice.

Suppose Alice wants to send Bob a message, and Bob wants to know this message came from Alice and not an impostor. Alice writes the message and then signs the message digest with her private key. Bob gets a copy of her public key. Bob then applies the public key to verify the signature. If the verification passes, then Bob can be assured of two facts:

?The original message has not been altered.

?The message was signed by Alice, the holder of the private key that matches the public key that Bob used for verification.

You can see why security for private keys is all-important. If someone steals Alice's private key or if a government can require her to turn it over, then she is in trouble. The thief or a government agent can impersonate her by sending messages, money transfer instructions, and so on, that others will believe came from Alice.

The X.509 Certificate Format

To take advantage of public key cryptography, the public keys must be distributed. One of the most common distribution formats is called X.509. Certificates in the X.509 format are widely used by VeriSign, Microsoft, Netscape, and many other companies, for signing e-mail messages, authenticating program code, and certifying many other kinds of data. The X.509 standard is part of the X.500 series of recommendations for a directory service by the international telephone standards body, the CCITT.

The precise structure of X.509 certificates is described in a formal notation, called "abstract syntax notation #1" or ASN.1. Figure 9-13 shows the ASN.1 definition of version 3 of the X.509 format. The exact syntax is not important for us, but, as you can see, ASN.1 gives a precise definition of the structure of a certificate file. The basic encoding rules, or BER, and a variation, called distinguished encoding rules (DER) describe precisely how to save this structure in a

binary file. That is, BER and DER describe how to encode integers, character strings, bit strings, and constructs such as SEQUENCE, CHOICE, and OPTIONAL.

中文译文：

Java核心技术卷Ⅱ高级特性

当Java技术刚刚问世时，令人激动的并不是因为它是一个设计完美的编程语言，而是因为它能够安全地运行通过因特网传播的各种applet。很显然，只有当用户确信applet 的代码不会破坏他的计算机时，用户才会接受在网上传播的可执行的applet。正因为如此，无论过去还是现在，安全都是设计人员和Java技术使用者所关心的一个重大问题。这就意味着，Java技术与其他的语言和系统有所不同，在那些语言和系统中安全是事后才想到要去实现的，或者仅仅是对破坏的一种应对措施，而对Java技术来说，安全机制是一个不可分割的组成部分。

Java技术提供了以下三种确保安全的机制：

(1)语言设计特性（对数组的边界进行检查，无不检查类型的转换，无指针算法等）。

(2)访问控制机制，用于控制代码能够执行的功能（比如文件访问，网络访问等）。

(3) 代码签名，利用该特性，代码的作者就能够用标准的加密算法来表明Java代码的身份。这样，该代码的使用者就能够准确地知道谁创建了该代码，以及代码被标识后是否被修改过。

下面，我们要介绍java.security包提供的加密算法，用来进行代码的标识和用户身份认证。

正如我们前面所说，applet 是在Java平台上开始流行起来的。实际上，人们发现尽管他们可以编写像著名的“nervous text”那样栩栩如生的applet，但是在JDK1.0安全模式下无法发挥其一整套非常有用的作用。例如，由于JDK1.0下的applet要受到严密的监督，因此，即使applet在公司安全内部网上运行时的风险相对较小，applet也无法在企业内部网上发挥很大的作用。Sun公司很快就认识到，要使applet真正变得非常有用，用户必须可以根据applet的来源为其分配不同的安全级别。如果applet来自值得信赖的提供商，并且没有被篡改过，那么applet的用户就可以决定是否给applet授予更多的运行特权。

如果要给予applet更多的信赖，你必须知道下面两件事：

(1)applet来自哪里？

(2)在传输过程中代码是否被破坏？

在过去的50年里，数学家和技术机科学家已经开发出各种各样成熟的算法，用于确保数据和电子签名的完整性，在java.security包中包含了许多这些算法的实现。在下面几节，我们将要介绍消息摘要是如何检测数据文件中的变化的，以及数字签名是如何证明签名者的身份的。

消息摘要是数据块的数字指纹。例如，所谓的SHA1（安全散列算法#1）可将任何数据块，无论其数据有多长，都压缩为160位（20字节）的序列。与真实的指纹一样，人们希望任何两条消息都不会有相同的SHA1指纹。当然这是不可能的—因为只存在2160 个SHA1指纹，所有肯定会有某些消息具有相同的指纹。因为2160是一个很大的数字，所以存在重复指纹的可能性微乎其微，那么这种重复的可能性到底小到什么程度呢？根据James Walsh 在他的《True Odds:How Risks Affect Your Everyday Life》,Merritt Publishing出版社1996年出版，一书中所阐述的，你和他们所有的人都死于雷击的概率，比伪造的消息与原来消息具有相同的SHA1指纹的概率还要高。（当然，可能有你不认识的其他10个以上的人会死于雷击，但这里我们讨论的是你选择的特定的人的死亡概率）。

消息摘要具有两个基本属性：

(1)如果数据的1位或者几位改变了，那么消息摘要也将改变。

(2）拥有给定消息的伪造者不能创建与原消息具有相同摘要的假消息。

当然，第二个属性又是一个概率问题。让我们来看看下面这位亿万富翁下的遗嘱：“我死了之后，我的财产将由我的孩子平分，但是，我的儿子George应该拿不到一个子。”

这份遗嘱的SHA1指纹为：

2D 8B 35 F3 BF 49 CD B1 94 04 E0 66 21 2B 5E 57 70 49 E1 7E

这位有疑心病的父亲将这份遗嘱交给一位律师保存，而将指纹交给另一位律师保存。现在，假设George能够贿赂那位保存遗嘱的律师，他想修改这份遗嘱，使得Bill一无所得。当然，这需要将原指纹改为下面这样完全不同的位模式：

2A 33 0B 4B B3 FE CC 1C 9D 5C 01 A7 09 51 0B 49 AC 8F 98 92

那么George能够找到与该指纹相匹配的其他文字吗？如果从地球形成之时，他就很自豪地拥有10亿台计算机，每台计算机每秒钟处理一百万条信息，他依然无法找到一个能够替换的遗嘱。

人们已经设计出大量的算法，用于计算这些消息摘要，其中最著名的两种算法是SHAI 和MD5。SHAI是由美国国家标准和技术学会开发的加密散列算法，MD5是由麻省理工学院的Ronald Rivest发明的算法。这两种算法都使用了独特巧妙的方法对消息中的各个位进行扰乱。如果要了解这些方法的详细信息，请参阅William Stallings撰写的《Cryptography and Network Security》一书，该书由Prentice Hall出版社于2005年出版口值得注意的是，最近人们在这两种算法中发现了某些微妙的规律性，因此许多密码人员建议最好避免使用MD5，而应该使用SHA1算法，直到有更强的加密算法出现。（查看https://www.360docs.net/doc/7618167438.html,/rsalabs/node.asp?id=2834以了解更多的信息）。

Java编程语言已经实现了SHA1和MD5。MessageDigest类是用于创建封装了指纹算法的对象的“工厂”，它的静态方法getInstance返回继承了MessageDigest类的某个类的对象。这意味着MessageDigest类能够承担下面的双重职责：

（1）作为一个工厂类。

（2）作为所有消息摘要算法的超类。

例如，下面是如何获取一个能够计算SHA指纹的对象的方法：

MessageDigest alg = MessageDigest.getI nstance(“SHA-1”)；

（如果要获取计算MD5的对象，请使用字符串“MD5”作为getInstance的参数。）当你已经获取MessageDigest对象之后，通过反复调用update方法，将信息中的所有字节提供给该对象。例如，下面的代码将文件中的所有字节传给上面建立的alg对象，以执行指纹算法：

InputStream in=….

int ch；

while((ch=in.read())!=-1)

alg.updat((byte) ch)；

另外，如果这些字节存放在一个数组中，那就可以一次完成整个数组的更新：

byte[] bytes =．．．；

alg.update(bytes)；

当完成上述操作后，调用digest方法。该方法填充输入信息—指纹算法需要的—并且进行相应的计算，然后以字节数组的形式返回消息摘要。

byte[] hash=alg.digest()；

程序清单9-15中的程序计算了一个消息摘要，既可以用SHA，也可以使用MD5来计算。

可以从文件加载需要计算摘要的数据，也可以直接将信息输入文本区域。图9-11显示了该应用程序的画面。

消息签名

在上一节中，我们介绍了如何计算原始消息的消息摘要和指纹的方法。如果消息改变了，那么改变后的消息的指纹与原消息的指纹将不匹配。如果消息和它的指纹是分开传送的，那么接收者就可以检查消息是否被篡改过。但是，如果消息和指纹同时被截获了，对消息进行修改，再重新计算指纹，这是一件很容易的事情。毕竟，消息摘要算法是公开的，不需要使用任何密钥。在这种情况下，假消息和新指纹的接收者永远不会知道消息已经被篡改。数字签名解决了这个问题。

为了了解数字签名的工作原理，我们需要解释关于公共密钥加密技术领域中的几个概念。公共密钥加密技术是基于公共密钥和私有密钥这个两个基本概念的。它的设计思想是你可以将公共密钥告诉世界上的任何人，但是，只有自己才拥有私有密钥，重要的是你要保护你的私有密钥，不将它泄漏给其他任何入。这些密钥之间存在一定的数学关系，但是这种关系的具体性质对于实际的编程来说并不重要(如果你有兴趣，可以参阅http://www.cacr.math.uwaterloo.ca/hac/站点上的《The Handbook of Applied Cryptography》一书)。

密钥非常长，而且很复杂。例如，下面是一对匹配的数字签名算法(DSA)公共密钥和私有密钥。

公共密钥：

p:

fca682ce8e12caba26efccf7ll0e526db078b05e6ecbcdleb4a208f3ae1617ae0lf35b9la 47e6df63413c5e12ed0899bcd132acd50d9915lbdc43ee737592el7

q: 962eddcc369cba8ebb260ee6b6a126d9346e38c5

g:67847lb27a9cf44ee9la49c5147dbla9aaf244f05a434d648693ld2d1427lb9e35030b7 lfd73da179069b32e2935630elc2062354d0da20a6c416e50be794ca4

y：

c0b6e67b4ac098ebla32c5f8c4clfee7e6fb9d832532e27d0bdab9ca2d2a8123ce5a8018b 816la6048efadd040b927281ddb22cb9bc4df596d7de4dlb977dS0

私有密钥：

p：

fca682ce8e12caba26efccf7ll0e526db078b05edecbcdleb4a208f3ae1617ae0lf35b9la4 7e6df63413c5e12ed0899bcd132acd50d9915lbdc43ee737592e17

q: 962eddcc369cba8ebb260ee6b6a126d9346e38c5

g：

67847lb27a9cf44ee9la49c5147dbla9aaf244f05a434d648693ld2d1427lb9e35030b7lfd 73da179069b32e2935630elc2062354d0da20a6c416e50be794ca4

x: 146c09f881656cc6c5lf27ea6c3a9lb85edld70a

在现实中，几乎不可能用一个密钥去推算出另一个密钥。也就是说，即使每个人都知道你的公共密钥，不管他们拥有多少计算资源，他们一辈子也无法计算出你的私有密钥。

任何人都无法根据公共密钥来推算私有密钥，这似乎让人难以置信。但是时至今日，还没有人能够找到一种算法，来为现在常用的加密算法进行这种推算。如果密钥足够长，那么要是使用穷举法—也就是直按试验所有可能的密钥—所需要的计算机将比用太阳系中的所有原子来制造的计算机还要多，而且还得花费数千年的时间。当然，可能会有人提出比穷举更灵活的计算密钥的算法。例如，RSA算法（该加密算法由Rivest, Shamir和Adleman 发明）就利用了对数值巨大的数字进行因子分解的困难性。在最近20年里，许多优秀的数学家都在尝试提出好的因子分解算法，但是迄今为止都没有成功。据此，大多数密码学者认为，拥有2000位或者更多位“模数”的密钥目前是完全安全的，可以抵御任何攻击。DSA 被认为具有类似的安全性。

图9-12展示了这项工作的处理过程。

假设Alice想要给Bob发送一个消息，Bob想知道该消息是否来自Alice，而不是冒名顶替者。Alice写好了消息，并且用她的私有密钥对该消息摘要签名。 Bob得到了她的公共密钥的拷贝，然后Bob用公共密钥对该签名进行校验。如果通过了校验，则Bob可以确认以下两个事实：

（1)原始消息没有被篡改过。

（2)该消息是由Alice签名的，她是私有密钥的持有者，该私有密钥就是Bob

与她用于校验的公共密钥相匹配的密钥。

你可以看到私有密钥的安全性为什么是最重要的。如果某个人偷了Alice的私有密钥，或者政府要求她交出私有密钥，那么她就麻烦了。小偷或者政府代表就可以假扮她的身份来发送消息和资金转账指令等等，而其他人则会相信这些消息确实来自于Alice。

X.509证书格式

为了利用公共密钥这种密码系统，必须将公共密钥分发出去。最通用的一种签名证书格式称为X.509格式。X.509格式的证书被VeriSign、微软、网景和其他许多公司广泛应用于对电子邮件消息进行签名，对程序代码进行认证，以及对许多其他类型的数据进行认证等等。 X.509标准是由国际电话标准机构，即国际电报电话咨询委员会(CCITT)提出的用于目录服务的X.500系列建议的组成部分。

X.509证书的具体结构是用一种形式化表示来描述的，称为“抽象语法表示法#1”(abstract syntax notation)即ASN.1。图9-13显示了第3版X.509格式的ASN.1定义。虽然具体的语法对我们并不重要，但是你可以看到，ASN.1为证书文件的结构给出了精确的定义。“基本编码规则”(basic encoding rules)，即BER，精确地描述了如何将该结构保存为二迸制文件。也就是说，BER描述了如何对整数、字符串、位串以及诸如SEQUENCE、CHOICE和OPTIONAL的结构进行编码的方法。

毕业论文外文翻译模版

吉林化工学院理学院 毕业论文外文翻译English Title（Times New Roman ，三号） 学生学号：08810219 学生姓名：袁庚文 专业班级：信息与计算科学0802 指导教师：赵瑛 职称副教授 起止日期：2012.2.27～2012.3.14 吉林化工学院 Jilin Institute of Chemical Technology

1 外文翻译的基本内容 应选择与本课题密切相关的外文文献（学术期刊网上的），译成中文，与原文装订在一起并独立成册。在毕业答辩前，同论文一起上交。译文字数不应少于3000个汉字。 2 书写规范 2.1 外文翻译的正文格式 正文版心设置为：上边距：3.5厘米，下边距：2.5厘米，左边距：3.5厘米，右边距：2厘米，页眉：2.5厘米，页脚：2厘米。 中文部分正文选用模板中的样式所定义的“正文”，每段落首行缩进2字；或者手动设置成每段落首行缩进2字，字体：宋体，字号：小四，行距：多倍行距1.3，间距：前段、后段均为0行。 这部分工作模板中已经自动设置为缺省值。 2.2标题格式 特别注意：各级标题的具体形式可参照外文原文确定。 1．第一级标题（如：第1章绪论）选用模板中的样式所定义的“标题1”，居左；或者手动设置成字体：黑体，居左，字号：三号，1.5倍行距，段后11磅，段前为11磅。 2．第二级标题（如：1.2 摘要与关键词）选用模板中的样式所定义的“标题2”，居左；或者手动设置成字体：黑体，居左，字号：四号，1.5倍行距，段后为0，段前0.5行。 3．第三级标题（如：1.2.1 摘要）选用模板中的样式所定义的“标题3”，居左；或者手动设置成字体：黑体，居左，字号：小四，1.5倍行距，段后为0，段前0.5行。 标题和后面文字之间空一格（半角）。 3 图表及公式等的格式说明 图表、公式、参考文献等的格式详见《吉林化工学院本科学生毕业设计说明书（论文）撰写规范及标准模版》中相关的说明。

计算机专业毕业设计说明书外文翻译(中英对照)

Talking about security loopholes Richard S. Kraus reference to the core network security business objective is to protect the sustainability of the system and data security, This two of the main threats come from the worm outbreaks, hacking attacks, denial of service attacks, Trojan horse. Worms, hacker attacks problems and loopholes closely linked to, if there is major security loopholes have emerged, the entire Internet will be faced with a major challenge. While traditional Trojan and little security loopholes, but recently many Trojan are clever use of the IE loophole let you browse the website at unknowingly were on the move. Security loopholes in the definition of a lot, I have here is a popular saying: can be used to stem the "thought" can not do, and are safety-related deficiencies. This shortcoming can be a matter of design, code realization of the problem. Different perspective of security loo phole s In the classification of a specific procedure is safe from the many loopholes in classification. 1. Classification from the user groups: ● Public loopholes in the software category. If the loopholes in Windows, IE loophole, and so on. ● specialized software loophole. If Oracle loopholes, Apach e,

概率论毕业论文外文翻译

Statistical hypothesis testing Adriana Albu，Loredana Ungureanu Politehnica University Timisoara,adrianaa@aut.utt.ro Politehnica University Timisoara,loredanau@aut.utt.ro Abstract In this article,we present a Bayesian statistical hypothesis testing inspection, testing theory and the process Mentioned hypothesis testing in the real world and the importance of, and successful test of the Notes. Key words Bayesian hypothesis testing; Bayesian inference;Test of significance Introduction A statistical hypothesis test is a method of making decisions using data, whether from a controlled experiment or an observational study (not controlled). In statistics, a result is called statistically significant if it is unlikely to have occurred by chance alone, according to a pre-determined threshold probability, the significance level. The phrase "test of significance" was coined by Ronald Fisher: "Critical tests of this kind may be called tests of significance, and when such tests are available we may discover whether a second sample is or is not significantly different from the first."[1] Hypothesis testing is sometimes called confirmatory data analysis, in contrast to exploratory data analysis. In frequency probability,these decisions are almost always made using null-hypothesis tests. These are tests that answer the question Assuming that the null hypothesis is true, what is the probability of observing a value for the test statistic that is at [] least as extreme as the value that was actually observed?) 2 More formally, they represent answers to the question, posed before undertaking an experiment,of what outcomes of the experiment would lead to rejection of the null hypothesis for a pre-specified probability of an incorrect rejection. One use of hypothesis testing is deciding whether experimental results contain enough information to cast doubt on conventional wisdom. Statistical hypothesis testing is a key technique of frequentist statistical inference. The Bayesian approach to hypothesis testing is to base rejection of the hypothesis on the posterior probability.[3][4]Other approaches to reaching a decision based on data are available via decision theory and optimal decisions. The critical region of a hypothesis test is the set of all outcomes which cause the null hypothesis to be rejected in favor of the alternative hypothesis. The critical region is usually denoted by the letter C. One-sample tests are appropriate when a sample is being compared to the population from a hypothesis. The population characteristics are known from theory or are calculated from the population.

计算机专业英语名词(缩写及翻译)

AAT（Average access time，平均存取时间） ABS（Auto Balance System，自动平衡系统） AM（Acoustic Management，声音管理） ASC（Advanced Size Check，高级尺寸检查） ASMO（Advanced Storage Magneto-Optical，增强形光学存储器） AST（Average Seek time，平均寻道时间） ATA（Advanced Technology Attachment，高级技术附加装置）ATOMM（Advanced super Thin-layer and high-Output Metal Media，增强形超薄高速金属媒体） BBS（BIOS Boot Specification，基本输入/输出系统启动规范） BPI（Bit Per Inch，位/英寸） bps（bit per second，位/秒） bps（byte per second，字节/秒） CAM（Common Access Model，公共存取模型） CF（CompactFlash Card，紧凑型闪存卡） CHS（Cylinders、Heads、Sectors，柱面、磁头、扇区） CSS（Common Command Set，通用指令集） DBI（dynamic bus inversion，动态总线倒置） DIT（Disk Inspection Test，磁盘检查测试） DMA（Direct Memory Access，直接内存存取） DTR（Disk Transfer Rate，磁盘传输率） EIDE（enhanced Integrated Drive Electronics，增强形电子集成驱动器）eSATA（External Serial ATA，扩展型串行ATA） FDB（fluid-dynamic bearings，动态轴承） FAT（File Allocation T ables，文件分配表） FC（Fibre Channel，光纤通道） FDBM（Fluid dynamic bearing motors，液态轴承马达） FDB（Fluid Dynamic Bearing，非固定动态轴承） FDC（Floppy Disk Controller，软盘驱动器控制装置） FDD（Floppy Disk Driver，软盘驱动器） GMR（giant magnetoresistive，巨型磁阻） HDA（Head Disk Assembly，头盘组件） HiFD（high-capacity floppy disk，高容量软盘） IDE（Integrated Drive Electronics，电子集成驱动器） IPEAK SPT（Intel Performance Evaluation and Analysis Kit - Storage Performance Toolkit，英特尔性能评估和分析套件- 存储性能工具包）JBOD（Just a Bunch Of Disks，磁盘连续捆束阵列） LBA（Logical Block Addressing，逻辑块寻址） MR（Magneto-resistive Heads，磁阻磁头） MBR（Master Boot Record，主引导记录） ms（Millisecond，毫秒） MSR（Magnetically induced Super Resolution，磁感应超分辨率）MTBF（Mean Time Before Failure，平均无故障时间） NQC（Native Queuing Command，内部序列命令）

计算机专业外文文献及翻译

微软Visual Studio 1微软Visual Studio Visual Studio 是微软公司推出的开发环境，Visual Studio可以用来创建Windows平台下的Windows应用程序和网络应用程序，也可以用来创建网络服务、智能设备应用程序和Office 插件。Visual Studio是一个来自微软的集成开发环境IDE，它可以用来开发由微软视窗，视窗手机，Windows CE、.NET框架、.NET精简框架和微软的Silverlight支持的控制台和图形用户界面的应用程序以及Windows窗体应用程序，网站，Web应用程序和网络服务中的本地代码连同托管代码。 Visual Studio包含一个由智能感知和代码重构支持的代码编辑器。集成的调试工作既作为一个源代码级调试器又可以作为一台机器级调试器。其他内置工具包括一个窗体设计的GUI应用程序，网页设计师，类设计师，数据库架构设计师。它有几乎各个层面的插件增强功能，包括增加对支持源代码控制系统（如Subversion和Visual SourceSafe）并添加新的工具集设计和可视化编辑器，如特定于域的语言或用于其他方面的软件开发生命周期的工具（例如Team Foundation Server的客户端：团队资源管理器）。 Visual Studio支持不同的编程语言的服务方式的语言，它允许代码编辑器和调试器（在不同程度上）支持几乎所有的编程语言，提供了一个语言特定服务的存在。内置的语言中包括C/C + +中（通过Visual C++）,https://www.360docs.net/doc/7618167438.html,（通过Visual https://www.360docs.net/doc/7618167438.html,），C＃中（通过Visual C＃）和F＃（作为Visual Studio 2010），为支持其他语言，如M,Python,和Ruby等，可通过安装单独的语言服务。它也支持的 XML/XSLT,HTML/XHTML ,JavaScript和CSS.为特定用户提供服务的Visual Studio也是存在的：微软Visual Basic，Visual J＃、Visual C＃和Visual C++。 微软提供了“直通车”的Visual Studio 2010组件的Visual Basic和Visual C＃和Visual C + +，和Visual Web Developer版本，不需任何费用。Visual Studio 2010、2008年和2005专业版，以及Visual Studio 2005的特定语言版本（Visual Basic、C++、C＃、J＃），通过微软的下载DreamSpark计划，对学生免费。 2架构 Visual Studio不支持任何编程语言，解决方案或工具本质。相反，它允许插入各种功能。特定的功能是作为一个VS压缩包的代码。安装时，这个功能可以从服务器得到。IDE提供三项服务：SVsSolution，它提供了能够列举的项目和解决方案; SVsUIShell，它提供了窗口和用户界面功能（包括标签，工具栏和工具窗口）和SVsShell，它处理VS压缩包的注册。此外，IDE还可以负责协调和服务之间实现通信。所有的编辑器，设计器，项目类型和其他工具都是VS压缩包存在。Visual Studio 使用COM访问VSPackage。在Visual Studio SDK中还包括了管理软件包框架(MPF)，这是一套管理的允许在写的CLI兼容的语言的任何围绕COM的接口。然而，MPF并不提供所有的Visual Studio COM 功能。

毕业论文 外文翻译#(精选.)

毕业论文（设计）外文翻译 题目：中国上市公司偏好股权融资：非制度性因素 系部名称：经济管理系专业班级:会计082班 学生姓名：任民学号： 200880444228 指导教师：冯银波教师职称:讲师 年月日

译文： 中国上市公司偏好股权融资：非制度性因素 国际商业管理杂志 2009.10 摘要：本文把重点集中于中国上市公司的融资活动，运用西方融资理论，从非制度性因素方面，如融资成本、企业资产类型和质量、盈利能力、行业因素、股权结构因素、财务管理水平和社会文化，分析了中国上市公司倾向于股权融资的原因，并得出结论，股权融资偏好是上市公司根据中国融资环境的一种合理的选择。最后，针对公司的股权融资偏好提出了一些简明的建议。 关键词：股权融资，非制度性因素，融资成本 一、前言 中国上市公司偏好于股权融资，根据中国证券报的数据显示，1997年上市公司在资本市场的融资金额为95.87亿美元，其中股票融资的比例是72.5％，，在1998年和1999年比例分别为72.6％和72.3％，另一方面，债券融资的比例分别是17.8％，24.9％和25.1％。在这三年，股票融资的比例，在比中国发达的资本市场中却在下跌。以美国为例，当美国企业需要的资金在资本市场上，于股权融资相比他们宁愿选择债券融资。统计数据显示，从1970年到1985年，美日企业债券融资占了境外融资的91.7％，比股权融资高很多。阎达五等发现，大约中国3/4的上市公司偏好于股权融资。许多研究的学者认为，上市公司按以下顺序进行外部融资：第一个是股票基金，第二个是可转换债券，三是短期债务，最后一个是长期负债。许多研究人员通常分析我国上市公司偏好股权是由于我们国家的经济改革所带来的制度性因素。他们认为，上市公司的融资活动违背了西方古典融资理论只是因为那些制度性原因。例如，优序融资理论认为，当企业需要资金时，他们首先应该转向内部资金（折旧和留存收益），然后再进行债权融资，最后的选择是股票融资。在这篇文章中，笔者认为，这是因为具体的金融环境激活了企业的这种偏好，并结合了非制度性因素和西方金融理论，尝试解释股权融资偏好的原因。

计算机专业外文文献翻译6

外文文献翻译（译成中文2000字左右）： As research laboratories become more automated,new problems are arising for laboratory managers.Rarely does a laboratory purchase all of its automation from a single equipment vendor. As a result,managers are forced to spend money training their users on numerous different software packages while purchasing support contracts for each. This suggests a problem of scalability. In the ideal world,managers could use the same software package to control systems of any size; from single instruments such as pipettors or readers to large robotic systems with up to hundreds of instruments. If such a software package existed, managers would only have to train users on one platform and would be able to source software support from a single vendor. If automation software is written to be scalable, it must also be flexible. Having a platform that can control systems of any size is far less valuable if the end user cannot control every device type they need to use. Similarly, if the software cannot connect to the customer’s Laboratory Information Management System (LIMS) database,it is of limited usefulness. The ideal automation software platform must therefore have an open architecture to provide such connectivity. Two strong reasons to automate a laboratory are increased throughput and improved robustness. It does not make sense to purchase high-speed automation if the controlling software does not maximize throughput of the system. The ideal automation software, therefore, would make use of redundant devices in the system to increase throughput. For example, let us assume that a plate-reading step is the slowest task in a given method. It would make that if the system operator connected another identical reader into the system, the controller software should be able to use both readers, cutting the total throughput time of the reading step in half. While resource pooling provides a clear throughput advantage, it can also be used to make the system more robust. For example, if one of the two readers were to experience some sort of error, the controlling software should be smart enough to route all samples to the working reader without taking the entire system offline. Now that one embodiment of an ideal automation control platform has been described let us see how the use of C++ helps achieving this ideal possible. DISCUSSION C++: An Object-Oriented Language Developed in 1983 by BjarneStroustrup of Bell Labs,C++ helped propel the concept of object-oriented programming into the mainstream.The term ‘‘object-oriented programming language’’ is a familiar phrase that has been in use for decades. But what does it mean? And why is it relevant for automation software? Essentially, a language that is object-oriented provides three important programming mechanisms:

毕业论文外文翻译模板

农村社会养老保险的现状、问题与对策研究社会保障对国家安定和经济发展具有重要作用，“城乡二元经济”现象日益凸现，农村社会保障问题客观上成为社会保障体系中极为重要的部分。建立和完善农村社会保障制度关系到农村乃至整个社会的经济发展，并且对我国和谐社会的构建至关重要。我国农村社会保障制度尚不完善，因此有必要加强对农村独立社会保障制度的构建，尤其对农村养老制度的改革，建立健全我国社会保障体系。从户籍制度上看，我国居民养老问题可分为城市居民养老和农村居民养老两部分。对于城市居民我国政府已有比较充足的政策与资金投人，使他们在物质和精神方面都能得到较好地照顾，基本实现了社会化养老。而农村居民的养老问题却日益突出，成为摆在我国政府面前的一个紧迫而又棘手的问题。 一、我国农村社会养老保险的现状 关于农村养老，许多地区还没有建立农村社会养老体系，已建立的地区也存在很多缺陷，运行中出现了很多问题，所以完善农村社会养老保险体系的必要性与紧迫性日益体现出来。 （一）人口老龄化加快 随着城市化步伐的加快和农村劳动力的输出，越来越多的农村青壮年人口进入城市，年龄结构出现“两头大，中间小”的局面。中国农村进入老龄社会的步伐日渐加快。第五次人口普查显示：中国65岁以上的人中农村为5938万，占老龄总人口的67.4%.在这种严峻的现实面前，农村社会养老保险的徘徊显得极其不协调。 （二）农村社会养老保险覆盖面太小 中国拥有世界上数量最多的老年人口，且大多在农村。据统计，未纳入社会保障的农村人口还很多，截止2000年底，全国7400多万农村居民参加了保险，占全部农村居民的11.18%，占成年农村居民的11.59%.另外，据国家统计局统计，我国进城务工者已从改革开放之初的不到200万人增加到2003年的1.14亿人。而基本方案中没有体现出对留在农村的农民和进城务工的农民给予区别对待。进城务工的农民既没被纳入到农村养老保险体系中，也没被纳入到城市养老保险体系中，处于法律保护的空白地带。所以很有必要考虑这个特殊群体的养老保险问题。

计算机专业外文翻译

专业外文翻译 题目JSP Technology Conspectus and Specialties 系（院）计算机系 专业计算机科学与技术 班级 学生姓名 学号 指导教师 职称讲师 二〇一三年五月十六日

JSP Technology Conspectus and Specialties The JSP (Java Server Pages) technology is used by the Sun micro-system issued by the company to develop dynamic Web application technology. With its easy, cross-platform, in many dynamic Web application programming languages, in a short span of a few years, has formed a complete set of standards, and widely used in electronic commerce, etc. In China, the JSP now also got more extensive attention; get a good development, more and more dynamic website to JSP technology. The related technologies of JSP are briefly introduced. The JSP a simple technology can quickly and with the method of generating Web pages. Use the JSP technology Web page can be easily display dynamic content. The JSP technology are designed to make the construction based on Web applications easier and efficient, and these applications and various Web server, application server, the browser and development tools work together. The JSP technology isn't the only dynamic web technology, also not the first one, in the JSP technology existed before the emergence of several excellent dynamic web technologies, such as CGI, ASP, etc. With the introduction of these technologies under dynamic web technology, the development and the JSP. Technical JSP the development background and development history In web brief history, from a world wide web that most of the network information static on stock transactions evolution to acquisition of an operation and infrastructure. In a variety of applications, may be used for based on Web client, look no restrictions. Based on the browser client applications than traditional based on client/server applications has several advantages. These benefits include almost no limit client access and extremely simplified application deployment and management (to update an application, management personnel only need to change the program on a server, not thousands of installation in client applications). So, the software industry is rapidly to build on the client browser multilayer application. The rapid growth of exquisite based Web application requirements development of

毕业论文外文资料翻译

毕业论文外文资料翻译题目(宋体三号，居中) 学院(全称，宋体三号，居中) 专业(全称，宋体三号，居中) 班级(宋体三号，居中) 学生(宋体三号，居中) 学号(宋体三号，居中) 指导教师(宋体三号，居中) 二〇一〇年月日(宋体三号，居中，时间与开题时间一致)

（英文原文装订在前）

Journal of American Chemical Society, 2006, 128(7): 2421-2425. (文献翻译必须在中文译文第一页标明文献出处：即文章是何期刊上发表的，X年X 卷X期，格式如上例所示，四号，右对齐，杂志名加粗。) [点击输入译文题目-标题1，黑体小二] [点击输入作者，宋体小四] [点击输入作者单位，宋体五号] 摘要[点击输入，宋体五号] 关键词[点击输入，宋体五号] 1[点击输入一级标题-标题2，黑体四号] [点击输入正文，宋体小四号，1.25倍行距] 1.1[点击输入二级标题-标题3，黑体小四] [点击输入正文，宋体小四，1.25倍行距] 1.1.1[点击输入三级标题-标题4，黑体小四] [点击输入正文，宋体小四，1.25倍行距] 说明： 1.外文文章必须是正规期刊发表的。 2.翻译后的中文文章必须达到2000字以上，并且是一篇完整文章。 3.必须要有外文翻译的封面，使用学校统一的封面； 封面上的翻译题目要写翻译过来的中文题目； 封面上时间与开题时间一致。 4.外文原文在前，中文翻译在后； 5.中文翻译中要包含题目、摘要、关键词、前言、全文以及参考文献，翻译要条理

清晰，中文翻译要与英文一一对应。 6.翻译中的中文文章字体为小四，所有字母、数字均为英文格式下的，中文为宋体， 标准字符间距。 7.原文中的图片和表格可以直接剪切、粘贴，但是表头与图示必须翻译成中文。 8.图表必须居中，文章段落应两端对齐、首行缩进2个汉字字符、1.25倍行距。 例如： 图1. 蛋白质样品的PCA图谱与8-卟啉识别排列分析(a)或16-卟啉识别排列分析(b)。为了得到b 的 数据矩阵，样品用16-卟啉识别排列分析来检测，而a 是通过捕获首八卟啉接收器数据矩阵从 b 中 萃取的。

计算机专业外文文献及翻译

计算机专业外文文献及翻译 微软Visual Studio 1微软Visual Studio 是微软公司推出的软软软境～可以用软建来平台下的 Visual Studio Visual StudioWindows 软用程序和软软用程序～也可以用软建软服软、智能软软软用程序和网来网 插件。WindowsOffice Visual 是一自微软的个来集成软软软境;,～可以用软软由它来微StudioIDEinteqrated development environment软软窗～软手机窗～、框架、精软架框和微软的支持的控制台和软Windows https://www.360docs.net/doc/7618167438.html,Silverlight 形用软界面的软用程序以及窗体软用程序～站网～软用程序和软服软网中的本地代软软同托管WindowsWeb 代软。 包含一由个智能感知和代软重构支持的代软软软器。集成的软软工作作软一源代软软软既个Visual Studio 软器又可以作软一台机器软软软器。其他置工具包括一软软内个窗体的软用程序～软软软软～软软软软～网数据软架GUI 构软软软。有乎各软面的件增强功能～包括增加软支持它几个插源代软控制系软;如和SubversionVisual ,添加新的工具集软软和可软化软软器～如并特定于域的软言或用于其他方面的软件软软生命周期SourceSafe 的工具;例如的客软端,软软软源管理器,。Team Foundation Server

支持不同的软程软言的服软方式的软言～允软代软软软器和软软器;在不同程 度上,支持它Visual Studio 几乎所有的软程软言～提供了一软言特定服软的存在。置的软言中包括个内中;通软C/C + +Visual C+,;通软,～,中;通软,,和,;作软+,https://www.360docs.net/doc/7618167438.html,Visual https://www.360docs.net/doc/7618167438.html,CVisual CFVisual Studio ,～软支持其他软言～如和等～可通软安软的软言服软。软也支持装独它的2010M,Python,Ruby 和软特定用软提供服软的也是存在的,微 XML/XSLT,HTML/XHTML ,JavaScriptCSS.Visual Studio软～,、,和。Visual BasicVisual JVisual CVisual C++ 微软提供了“直通软”的软件的和,和～Visual Studio 2010Visual BasicVisual CVisual C + +和版本～不需任何软用。、年和软软版～以及Visual Web DeveloperVisual Studio 201020082005 的特定软言版本;、、,、,,～通软微软的下软Visual Studio 2005Visual BasicC++CJ 软～软生免软。划学DreamSpark 2架构 不支持任何软程软言～解方案或工具本软。相反～允软入各软功能。特定的功决它插Visual Studio 能是作软一个软软包的代软。安软～软功能可以服软器得到。装个从提供三软服软,～VSIDESVsSolution它决提供了能软列软的软目和解方案～提供了口和用软界面功能;包括软软～工具软和工它窗; SVsUIShell 具口,和窗～软理它软软包的注。此外～册软可以软软软软和服软之软软软通信。所有的软软器～SVsShellVSIDE

计算机专业英语翻译

国家计算机教育认证 计算机英语 计算机英语词汇对译 蒙阴高新电脑学校 资料整理：孙波 IT CFAC gaoxindiannaoxuexiao

2010年9月1日

?PC personal computer 个人计算机 ?IBM International Business Machine 美国国际商用机器公司的公司简称，是最早推出的个人 计算机品牌。 ?Intel 美国英特尔公司，以生产CPU芯片著称。 ?Pentium Intel公司生产的586 CPU芯片,中文译名为“奔腾”。 ?Address地址 ?Agents代理 ?Analog signals模拟信号 ?Applets程序 ?Asynchronous communications port异步通信端口 ?Attachment附件 ?Access time存取时间 ?access存取 ?accuracy准确性 ?ad network cookies广告网络信息记录软件 ?Add-ons 插件 ?Active-matrix主动矩阵 ?Adapter cards适配卡 ?Advanced application高级应用 ?Analytical graph分析图表 ?Analyze分析 ?Animations动画 ?Application software 应用软件 ?Arithmetic operations算术运算 ?Audio-output device音频输出设备 ?Basic application基础程序 ?Binary coding schemes二进制译码方案 ?Binary system二进制系统 ?Bit比特 ?Browser浏览器 ?Bus line总线 ?Backup tape cartridge units备份磁带盒单元 ?Business-to-consumer企业对消费者 ?Bar code条形码 ?Bar code reader条形码读卡器 ?Bus总线 ?Bandwidth带宽 ?Bluetooth蓝牙 ?Broadband宽带 ?Business-to-business企业对企业电子商务 ?cookies-cutter programs信息记录截取程序 ?cookies信息记录程序

计算机专业毕业设计论文(C++)外文文献中英文翻译(Object)[1]

外文资料 Object landscapes and lifetimes Technically, OOP is just about abstract data typing, inheritance, and polymorphism, but other issues can be at least as important. The remainder of this section will cover these issues. One of the most important factors is the way objects are created and destroyed. Where is the data for an object and how is the lifetime of the object controlled? There are different philosophies at work here. C++ takes the approach that control of efficiency is the most important issue, so it gives the programmer a choice. For maximum run-time speed, the storage and lifetime can be determined while the program is being written, by placing the objects on the stack (these are sometimes called automatic or scoped variables) or in the static storage area. This places a priority on the speed of storage allocation and release, and control of these can be very valuable in some situations. However, you sacrifice flexibility because you must know the exact quantity, lifetime, and type of objects while you're writing the program. If you are trying to solve a more general problem such as computer-aided design, warehouse management, or air-traffic control, this is too restrictive. The second approach is to create objects dynamically in a pool of memory called the heap. In this approach, you don't know until run-time how many objects you need, what their lifetime is, or what their exact type is. Those are determined at the spur of the moment while the program is running. If you need a new object, you simply make it on the heap at the point that you need it. Because the storage is managed dynamically, at run-time, the amount of time required to allocate storage on the heap is significantly longer than the time to create storage on the stack. (Creating storage on the stack is often a single assembly instruction to move the stack pointer down, and another to move it back up.) The dynamic approach makes the generally logical assumption that objects tend to be complicated, so the extra overhead of finding storage and releasing that storage will not have an important impact on the creation of an object. In addition, the greater flexibility is essential to solve the general