小蚁NEO(数字资产管理)白皮书 1.0

区块链技术安全白皮书1目录 contents一 、 简述 ................................................................2二、 基础网络安全风险 ....................................................332.1数据层：信息攻击与加密算法攻击 ..............................................32.2网络层：节点传播与验证机制风险 ..............................................2.3解决方案与建议...............................................................4三、 平台层安全风险 .....................................................53.1共识层：常见共识机制安全性对比 ..............................................553.2激励层：发行与分配机制风险 ...................................................63.3合约层相关安全风险 ..........................................................63.4解决方案与建议...............................................................四、 应用层安全风险 .....................................................774.1 节点常见安全问题 ..............................................................4.2 加密资产钱包安全性对比 .......................................................9114.3 加密资产交易平台常见安全问题 ..................................................五 、 小结 ................................................................13一、 简述区块链技术目前的发展方兴未艾，大多的技术和应用处于试验阶段，目前发生的安全事件多集中出现于加密资产相关领域，给用户造成了较大的经济损失，其安全问题日益受到行业关注。

蚂蚁科技产品手册定位产品版本 : V20201030文档版本 : V20201030蚂蚁科技技术文档蚂蚁科技集团有限公司版权所有 © 2020 ，并保留一切权利。

未经蚂蚁科技事先书面许可，任何单位、公司或个人不得擅自摘抄、翻译、复制本文档内容的部分或全部，不得以任何方式或途径进行传播和宣传。

商标声明及其他蚂蚁科技服务相关的商标均为蚂蚁科技所有。

本文档涉及的第三方的注册商标，依法由权利人所有。

免责声明由于产品版本升级、调整或其他原因，本文档内容有可能变更。

蚂蚁科技保留在没有任何通知或者提示下对本文档的内容进行修改的权利，并在蚂蚁科技授权通道中不时发布更新后的用户文档。

您应当实时关注用户文档的版本变更并通过蚂蚁科技授权渠道下载、获取最新版的用户文档。

如因文档使用不当造成的直接或间接损失，本公司不承担任何责任。

目录1 定位简介12 接入 Android13 接入 iOS24 代码示例8q q q qq qq1 定位简介mPaaS 提供了定位组件以方便使用定位相关服务。

通过包装系统接口，该组件提供了如下功能：获取当前设备所在位置的经纬度信息的简易方法。

获取经纬度信息的时间和精确度信息。

支持缓存和坐标系转换。

Hook 所有系统 API 调用，统一定位流程。

2 接入 Android定位 SDK 是一套简单的 LBS（Location-based services）定位接口，您可以使用这套定位 API 获取定位结果。

定位支持 原生 AAR 接入、mPaaS Inside 接入 和 组件化接入 三种接入方式。

若采用原生 AAR 方式接入，需先完成 将 mPaaS 添加到您的项目中 的前提条件和后续相关步骤。

若采用 mPaaS Inside 方式接入，需先完成 mPaaS Inside 接入流程 。

若采用组件化方式接入，需先完成 组件化接入流程 。

参考 AAR 组件管理 ，通过 组件管理（AAR）在工程中安装 定位 组件。

Barrier GateUser ManualLegal Information©2022 Hangzhou Hikvision Digital Technology Co., Ltd. All rights reserved.About this ManualThe Manual includes instructions for using and managing the Product. Pictures, charts, images and all other information hereinafter are for description and explanation only. The information contained in the Manual is subject to change, without notice, due to firmware updates or other reasons. Please find the latest version of this Manual at the Hikvision website ( https:/// ).Please use this Manual with the guidance and assistance of professionals trained in supporting the Product.Trademarksand other Hikvision's trademarks and logos are the properties of Hikvision in various jurisdictions.Other trademarks and logos mentioned are the properties of their respective owners. DisclaimerTO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS MANUAL AND THE PRODUCT DESCRIBED, WITH ITS HARDWARE, SOFTWARE AND FIRMWARE, ARE PROVIDED "AS IS" AND "WITH ALL FAULTS AND ERRORS". HIKVISION MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, MERCHANTABILITY, SATISFACTORY QUALITY, OR FITNESS FOR A PARTICULAR PURPOSE. THE USE OF THE PRODUCT BY YOU IS AT YOUR OWN RISK. IN NO EVENT WILL HIKVISION BE LIABLE TO YOU FOR ANY SPECIAL, CONSEQUENTIAL, INCIDENTAL, OR INDIRECT DAMAGES, INCLUDING, AMONG OTHERS, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA, CORRUPTION OF SYSTEMS, OR LOSS OF DOCUMENTATION, WHETHER BASED ON BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY, OR OTHERWISE, IN CONNECTION WITH THE USE OF THE PRODUCT, EVEN IF HIKVISION HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSS.YOU ACKNOWLEDGE THAT THE NATURE OF THE INTERNET PROVIDES FOR INHERENT SECURITY RISKS, AND HIKVISION SHALL NOT TAKE ANY RESPONSIBILITIES FOR ABNORMAL OPERATION, PRIVACY LEAKAGE OR OTHER DAMAGES RESULTING FROM CYBER-ATTACK, HACKER ATTACK, VIRUS INFECTION, OR OTHER INTERNET SECURITY RISKS; HOWEVER, HIKVISION WILL PROVIDE TIMELY TECHNICAL SUPPORT IF REQUIRED.YOU AGREE TO USE THIS PRODUCT IN COMPLIANCE WITH ALL APPLICABLE LAWS, AND YOU ARE SOLELY RESPONSIBLE FOR ENSURING THAT YOUR USE CONFORMS TO THE APPLICABLE LAW. ESPECIALLY, YOU ARE RESPONSIBLE, FOR USING THIS PRODUCT IN A MANNER THAT DOES NOT INFRINGE ON THE RIGHTS OF THIRD PARTIES, INCLUDING WITHOUT LIMITATION, RIGHTS OF PUBLICITY, INTELLECTUAL PROPERTY RIGHTS, OR DATA PROTECTION AND OTHER PRIVACY RIGHTS. YOU SHALL NOT USE THIS PRODUCT FOR ANY PROHIBITED END-USES, INCLUDING THEDEVELOPMENT OR PRODUCTION OF WEAPONS OF MASS DESTRUCTION, THE DEVELOPMENT OR PRODUCTION OF CHEMICAL OR BIOLOGICAL WEAPONS, ANY ACTIVITIES IN THE CONTEXT RELATED TO ANY NUCLEAR EXPLOSIVE OR UNSAFE NUCLEAR FUEL-CYCLE, OR IN SUPPORT OF HUMAN RIGHTS ABUSES.IN THE EVENT OF ANY CONFLICTS BETWEEN THIS MANUAL AND THE APPLICABLE LAW, THE LATTER PREVAILS.Symbol Conventions The symbols that may be found in this document are defined as follows.ContentsChapter 1 Introduction (1)1.1 Product Introduction (1)1.2 Key Feature (1)Chapter 2 Installation (2)2.1 Installation Environment (2)2.2 Install Barrier Gate (2)2.2.1 Fix Barrier Gate Host (2)2.2.2 Install Boom Pole (4)2.3 Wiring (5)2.3.1 Connect to Peripheral Devices (5)2.3.2 Connect to Power Supply (7)Chapter 3 Debug (9)3.1 Remote Control (9)3.2 Button Operation (9)Chapter 4 Maintenance (13)4.1 Check Regularly (13)4.2 Check After Collision (13)4.3 Fault Code Description (13)4.4 Troubleshooting for Failed Auto Rising/Falling of Boom Pole After Power Cutoff (15)Appendix A. Peripheral Device Interfaces Introduction (16)Chapter 1 Introduction1.1 Product IntroductionBarrier gate is the entrance and exit management device to limit motor vehicle passing. It can control the boom pole automatically via parking lot management system. Or you can control the boom pole via buttons on remote controller.Barrier gate is widely applicable to toll station, parking lot, the entrance and exit of community and unit, etc. Its working temperature ranges from -30 °C to 70 °C (-22 °F to 158 °F).1.2 Key Feature●Adopts direct current brushless motor which can run steadily, applicable to entrance and exit, ETC system, etc.●The boom pole can rise rapidly and fall slowly. The barrier gate can learn the rising and falling limit positions automatically after it is powered on.●Over-voltage and over-current protection to prevent the motor from being burnt caused by locked rotor during running.●Supports anti-fall function via inductive loop, IR, etc., and protection functions including pressure wave, resistance rebound, etc.●Adjustable boom pole direction from left to right or from right to left.Chapter 2 Installation2.1 Installation EnvironmentThe installation environment of the barrier gate should meet the following requirements.●The installation space should be large enough to guarantee the boom pole can rise or fall normally.●Install the barrier gate on horizontal ground.●Installation surface requirements:○If no base is installed, the installation surface must be firm enough to fix the host to guarantee the barrier gate can run stably.○If base is needed, it is recommended to install the base with quick setting cement. The base should be horizontal. The height should be larger than 300 mm. The length and width of base should be larger than those of the actual barrier gate installation surface. Bury the set bolts prepared by yourself before installation.●If the barrier gate is anti-collision, the boom pole will flick 90° in reverse direction if it is impacted. Make sure there is no obstacle in the range.●Bury the cables before installation. The conduit should be 50 mm higher than the ground to avoid the gathered water on the ground to enter into the cable and cause short circuit.2.2 Install Barrier Gate2.2.1 Fix Barrier Gate HostFollow the steps below to fix the host of barrier gate.Steps1.Mark the positions of holes on the refuge island as shown below. The hole depth is approx. 120 mm.Figure 2-1 Mark Positions of HolesThe suggestions for positions of holes:●The holes in vertical direction should be near to the boom pole.●If the entrance/exit is unidirectional, the holes should be in the horizontal center of the refugeisland. If the entrance/exit is bi-directional, the holes in the horizontal direction should be far away from the entrance/exit.2.Punch the four M12 × 150 expansion screws in the package into the marked positions on refuge island, and fasten the nuts to make the screws expand to grip the ground. Then unfasten thenuts.Figure 2-2 Install Expansion Screws3.Uninstall the top and front covers.1)Use the L-type key to unlock the top cover.2)Lift the top cover gently and push it to take it down.3)Lift the front cover gently to take it down.Figure 2-3 Uninstall Top and Front Covers4.Fix the host.1)Put the layers on the host bottom and parallel them to the rising or falling direction of theboom pole.2)Put the host on the positions of expansion screws on the refuge island to make the screwspass through the layers. Keep the layers parallel to the rising or falling direction of the boom pole.3)Fasten the expansion nuts on the screws to fix the host.Figure 2-4 Fix HostKeep the supporting bracket of the boom pole vertically upward to avoid accident.2.2.2 Install Boom PoleFollow the steps to install boom pole.Steps1.Align the holes on the supporting bracket with those on the boom pole.2.Insert four M8 screws into the holes.3.Install flat washers, spring washers, and nuts on both sides of the screws.4.Fasten the nuts to fix the boom pole.Figure 2-5 Install Boom PoleCautionContact the professional technical personnel to change the boom pole. You may damage the barrier gate if you change it by yourself.2.3 Wiring2.3.1 Connect to Peripheral DevicesThe barrier gate can connect to peripheral devices such as entrance/exit capture unit.Steps1.Open the top cover of the host, and you can see the interfaces to connect peripheral devices.2.Connect peripheral devices to the interfaces as shown below.Refer to "Peripheral Device Interfaces Introduction" for the detailed definition of the peripheraldevices interfaces.Figure 2-7 Connect to Peripheral Devices2.3.2 Connect to Power SupplyConnect the laid power cord (RVV3 × 1.5 mm2 or above) to the power input of barrier gate. Installthe top and front covers. Use the L-type key to lock the top cover.●Cut off the power before wiring.●The power voltage of barrier gate is 220 VAC ± 10%. If the voltage exceeds the range, voltage stabilizer is needed.●Make sure the barrier gate is connected to the ground firmly, or it may cause electric shock.Figure 2-8 Power InputChapter 3 DebugAfter the installation completes, power on the barrier gate, and it will operate self-check of rising to limit position.After the self-check completes, you can control the barrier gate via remote controller or buttons.3.1 Remote ControlAfter the self-check completes, you can control the boom pole to rise, fall, and stop via the remote controller leaving factory with the barrier gate.3.2 Button OperationOpen the top cover of the host, and you can see the buttons and nixie tube. You can control the barrier gate via the buttons and judge the status via the nixie tube.There is respective initial status for the rising limit position, falling limit position, and rising speed of the barrier gate. You can adjust them via buttons if the initial status cannot meet the requirements of the installation site.Figure 3-1 Control ButtonsNote●If you need to hold the buttons to trigger operations, hold for 3 seconds or above.●The nixie tube shows the status (e.g., H0) and fault codes (hexadecimal characters, e.g., 1A). If the fault codes appear on the nixie tube, it means there is operation error. Contact the technical personnel of our company to solve the problems.Table 3-1 Button Operation DescriptionThe controller can learn no more than 481.Press2.Holdadjust the boom pole to H5 status.Displayed fallingunit of thedurationPressnixie tube displays rL.Apply control signal to let the boom pole rise to the limit position.Holdadjust the boom pole to H8 status.HoldPressChapter 4 Maintenance4.1 Check RegularlyThe barrier gate should be maintained every three months. Check according to the following instructions.●Check mechanical drive.●Check if the wiring and GND is firm.●Check if the motor sounds abnormally.4.2 Check After Collision●Check if the slewer is damaged. Change it if it is damaged.●Check if the boom pole is curved. Change it if it is curved.●Check if the barrier gate sounds abnormally during running. Contact the qualified after-sales service agent in time.4.3 Fault Code DescriptionWhen the barrier gate is abnormal, open the top cover, and observe the fault code on the nixie tube to troubleshoot.Table 4-1 Fault Code Description4.4 Troubleshooting for Failed Auto Rising/Falling of Boom Pole After Power CutoffIf the boom pole cannot rise or fall automatically after the power is cut off suddenly, follow the steps to solve the problem.Steps1.Uninstall the top and front covers.2.Insert L-type wrench into the hexagonal hole on the host.Figure 4-1 Rotate Wrench3.Rotate the wrench according to the barrier gate status.-If the barrier gate is in the falling limit status, rotate the wrench anticlockwise to raise the boom pole slowly until it can rise and fall automatically.-If the barrier gate is in the rising limit status, rotate the wrench clockwise to make the boom pole fall slowly until it can rise and fall automatically.Appendix A. Peripheral Device InterfacesIntroductionOpen the top cover of host, and you can see the interfaces as shown below.Figure A-1 Interfaces Table A-1 Interface Description。

SOM产品手册SOM Product Guide2023关于我们官方合作伙伴业务范围芯驿电子科技（上海）有限公司，成立于2012年，总部位于上海松江临港科技城，是一家车载智能产品和FPGA 技术方案公司，拥有“AUMO”和“ALINX”两大品牌，其中AUMO 品牌专注车载智能产品，ALINX 品牌专注于FPGA 产品和方案定制。

经历十年发展，公司产品已经远销海外30多个国家。

2018年，公司通过高新技术企业认证，并通过ISO9001质量体系认证；2019年，荣获上海市松江区九亭镇“科技创新奖”；2020年，荣获上海市“专精特新企业“称号；2021年，申请通过上海市科技型中小企业技术创新资金项目，通过了国家级科技型中小企业认定，并通过了高新技术企业认证复审；2022年获得上海市张江国家自主创新示范区专项发展资金并通过“上海市创新型中小企业”认证。

ALINX 是全球的FPGA 芯片龙头企业XILINX 官方合作伙伴，国内FPGA 芯片龙头企业紫光同创官方合作伙伴，同时作为百度AI 合作伙伴，为百度定制了国产AI飞桨系统的Edgeboard 系列边缘设备。

通过多年的研发投入，已经推出100多款FPGA SoM 模组和配套板卡，积累了1000多家企业批量用户，上万个独立开发者，市场占有率遥遥领先。

通过产品+定制化服务的经营方式，ALINX 将继续加大对产品研发和技术研究的投入，不断与垂直行业客户合作，聚焦高端设备领域，协助客户解决行业的技术难题。

主要聚焦于FPGA + AI 解决方案，FPGA 国产化，FPGA 开发套件， ALINX 自有品牌产品。

公司提供的设计解决方案涉及人工智能、自动驾驶、轨道交通、半导体、5G 通信、医疗设备、工业互联、仪器仪表、数据中心、机器视觉、视频图像处理等行业。

紫光同创国内唯一的FPGA 板卡官方合作伙伴，XILINX 官方重要合作伙伴，百度AI合作伙伴。

轨道交通医疗设备半导体自动驾驶智能制造AI人工智能产品定制简介产品定制业务主要针对企业和研究院所，根据客户的需求进行产品的软硬件设计。

宁盾终端及网络准入技术白皮书V3 EUNSOL°目录概述 (3)NDACE准入引擎介绍 (3)产品简介 (3)设计原理 (3)信息收集处理分析 (3)准入防护策略 (4)集中管理 (4)工作原理 (4)TCP Reset (4)终端识别 (4)HTTP Notification/HTTP Redirect (5)Switch VLAN (5)无客户端检查 (5)客户端检查 (5)技术原理 (5)产品架构 (6)准入控制平台 (6)客户端/无客户端 (7)产品优势 (7)部署模式 (7)端点精准识别定位 (7)面向业务的自动化 (7)无代理 (7)基于场景化（应用）的身份认证 (8)可定制化报表信息 (8)主要功能介绍 (8)网络发现，全网扫描 (8)终端安全检查 (8)认证管理 (9)动态的访问控制策略 (9)持续透明的安全检查 (9)与第三方整合 (9)终端报表信息 (9)终端准入场景及技术实现 (10)PC准入场景 (10)IOT设备准入场景 (10)摄像头准入 (10)其他智能终端准入 (10)产品应用部署 (10)网络组网拓扑示例 (10)产品价值 (12)注意事项 (12)总结 (12)概述在互联网技术日新月异发展的今天，随之也为企业内网管理带来了新的问题以及挑战。

一般中大型的企业网络中均会部署防火墙、VPN、IDS/IPS、上网行为管理等安全设备，但这些安全设备只对接入网络后的终端或者流量数据进行处理，对终端接入网络准入控制及安全审查没有要求。

对此，我们可以引入宁盾NDACE准入控制引擎，借助它，我们可以仅允许合法并且受信任的终端接入网络，对不合法、不受信任的终端不予接入。

NDACE可以自动发现、识别接入网络的设备，并对其进行诸如杀毒软件、补丁更新等安全检查，然后根据制定好的条件策略下发相应的准入策略：允许接入、受限接入、拒绝接入、重定向登录认证等。

NDACE准入引擎介绍产品简介NDACE是上海宁盾信息技术有限公司面向政府、金融、互联网、制造业、医疗、教育等中大型企业单位推出的以终端安全准入为核心的解决方案。

安数云擎安保等保一体机技术白皮书北京安数云信息技术有限公司二〇一八年五月目录1背景介绍................................................................. 错误!未定义书签。

2等级保护................................................................. 错误!未定义书签。

2.1等保定义....................................................................... 错误!未定义书签。

2.2等保工作内容 ............................................................... 错误!未定义书签。

2.3等保等级划分 ............................................................... 错误!未定义书签。

2.4等保建设意义 ............................................................... 错误!未定义书签。

3产品概述................................................................. 错误!未定义书签。

4产品功能................................................................. 错误!未定义书签。

4.1自查评估....................................................................... 错误!未定义书签。

4.2整改加固....................................................................... 错误!未定义书签。

360天眼新一代威胁感知系统产品技术白皮书█文档编号█密级█版本编号█日期©2015 360企业安全集团密级：XXXX █ 版权声明本文中出现的任何文字叙述、文档格式、插图、照片、方法、过程等内容，除另有特别注明外，所有版权均属360企业安全集团所有，受到有关产权及版权法保护。

任何个人、机构未经360企业安全集团的书面授权许可，不得以任何方式复制或引用本文的任何片断。

█ 适用性说明本模板用于撰写360企业安全集团中各种正式文件，包括技术手册、标书、白皮书、会议通知、公司制度等文档使用。

█ 版本变更记录目录目录 (2)1引言 (1)2产品综述 (2)2.1产品设计目标 (2)2.1.1产品价值 (2)2.2产品原理介绍 (3)2.2.1产品关键技术 (3)2.2.2关键技术实现的效果 (16)2.3产品组成与架构 (17)2.3.1威胁情报 (18)2.3.2分析平台 (18)2.3.3传感器 (19)2.3.4文件威胁鉴定器 (19)2.4产品模块间数据流程描述 (20)2.5产品型号及规格说明 (21)2.5.1产品型号与硬件产品实拍 (21)2.5.2各型号的关键功能规格说明 (22)3产品性能说明（待硬件平台更换后补充） (25)3.1天眼各模块产品性能说明 (25)4实施部署说明 (27)4.1未知威胁检测及回溯方案实施部署 (27)4.1.1未知威胁检测及回溯方案说明 (27)4.1.2所需设备说明 (27)4.1.3所需带宽说明 (30)4.1.4所需通信资源说明 (30)4.1.5实施拓扑图 (30)4.1.6实施步骤说明 (31)4.2高级威胁检测方案实施部署 (32)4.2.1高级威胁检测方案说明 (32)4.2.2所需设备说明 (32)4.2.3所需带宽说明 (34)4.2.4所需通信资源说明 (34)4.2.5实施拓扑图 (35)4.2.6实施步骤说明 (35)4.3本地威胁发现方案实施部署 (36)4.3.1本地威胁发现方案说明 (36)©2015 360企业安全集团密级：XXXX4.3.2所需设备说明 (37)4.3.3所需带宽说明 (38)4.3.4所需通信资源说明 (38)4.3.5实施拓扑图 (39)4.3.6实施步骤说明 (39)5产品优势与特点 (40)©2015 360企业安全集团密级：XXXX1引言近年来，具备国家和组织背景的APT攻击日益增多，例如：2010年攻击伊朗核电站的“震网病毒”、针对Google邮件服务器的“极光攻击”、2013年韩国金融和电视媒体网络被大面积入侵而瘫痪等等，2014年APT攻击的主要目标行业是金融和政府，分别高达84%和77%。

B2B企业SDR团队搭建策略白皮书致趣百川科学搭建SDR团队，实现高效获客转化前言SDR，是一个舶来词，英文全称Sales Development Rep，即商机拓展专员。

该职能在国内主要存在于可清洗线索数量较多、客单价较高的B2B企业。

SDR与普通的电销不同。

说到电销，大家第一印象就是以成交为目的短平快的电话拜访。

而对于B2B企业（或者高客单价企业）来说，从流量到成交客户会历经漫长而复杂的几个阶段，尤其在疫情下，平均成单周期已经拉长到5个月以上，仅靠电话销售的形式收效甚微。

传统的电销就如同原始猎人打猎，这块区域没有猎物就到其他区域去狩猎，仅依靠经验去获取少量猎物，不能规模化。

而SDR更像是机械化的现代农民，不仅有从耕地、播种、施肥、降雨、灭虫、收割的成体系、规模化的生产流程，还可以借助先进技术（MarTech）提升生产效率。

SDR是链接「市场部」与「销售部」的接力棒，负责将市场部的线索进行跟进、孵化，再将符合转出标准的线索转出给销售。

一方面，SDR需要和市场部其他职能岗位配合（比如投放、内容、PMM）。

每天既要跟进潜在客户，通过挖掘客户需求信息来对客户作线索质量判断，同时了解他们的决策流程，来决定这条线索接下来的跟进方式是给到面销人员拜访跟进还是由SDR继续孵化，或者通过营销自动化工具来做批量跟进。

每一条渠道来源的线索都需要把跟进情况反馈给市场部其他职能部门，比如不同关键词吸引来的客户、不同直播内容吸引来的客户、不同产品内容吸引来的客户，都需要在联系完客户以后第一时间将数据反馈给市场部其他职能部门去做复盘对比和优化。

另一方面，SDR与销售团队密切合作，将合格的线索（MQL）交付给销售，安排销售和高意向客户电话或见面，销售拜访客户后判断是否值得跟进（即是否接受为SQL），让销售专注于成单，从而提升销售人员的杠杆率。

对于销售跟进反馈不及时的情况及时预警提示，对于销售跟进拜访后判断不接受为SQL的线索进行分类跟进孵化，从而形成营销闭环。

|WhitepaperA Buyer’s Guide for Digital Risk Protection Criteria for selecting the DRP platform that best protects your digital footprintToday, public and digital risks are issues facing every organization with a digital footprint, which includes any organization that conducts business online, or promotes its brand and products on the web, or has customers reviewing or commenting on its offerings on social media platforms.The public attack surface includes many digital risks that can be categorized as follows:• Campaigns of theft and fraud targeting an organization’s customers, using techniques like spoofed websites and social media accounts, phishing campaigns, and fake mobile apps. Cybercriminals use these tools to defraud the organization’s customers, sell them counterfeit and pirated goods, and capture credentials used for identity theft.• Attacks on the reputation of an organization, through false information on social media sites, fake reviews, and taking over social media accounts of the organization and its executives in order to post offensive content.• Attacks against an organization’s IT infrastructure and its employees, leading to the theft of customer data, intellectual property (IP), media content, software, employee data and credentials, and other valuable assets.The impacts of these threats include damage to reputation and brand value, loss of customer trust, reduced revenues, regulatory fines, breach notification costs, and disruption of operations.1The wide world of digital risksA Digital Risk Protection (DRP) program can protect organizations from cyber, brand, and physical threats. By monitoring social media and the surface, deep and dark webs, IT security and fraud prevention teams can detect evidence of active attacks, successful data breaches and social media account takeovers, and planned campaigns by cybercriminals, hacktivists, state-sponsored hackers. They can also find indications of harmful actions by disgruntled (or merely careless) employees and customers.An effective DRP program enables an organization to respond quickly to digital threats by taking down fraudulent websites, ads, and social media accounts, notifying review sites and online forums about false and misleading postings, and alerting online marketplaces and app stores to counterfeit merchandise and fake mobile apps. It should also provide IT groups with current threat intelligence so they can prevent data breaches by deactivating compromised user accounts, revoking stolen credentials, and strengthening security controls.The value of Digital Risk Protection (DRP) programsIntroductionFor a comprehensive overview of digital risks and their impacts, see the ZeroFOX white paper “A Taxonomy of Digital Threats” at https:///resources/taxonomy-of-digital-threats/.It is extremely difficult to create an effective DRP program with manual methods. There are far too many social media platforms and websites to monitor with conventional search tools, even with a large staff of trained analysts. Critical information may be hidden in deep and dark web sites that are hard to find and access. Threat actors exchange not only in English but in languages like Russian, Chinese, Indonesian, and Arabic. Text searches are not enough, because many fraud and phishing campaigns disguise malicious content in images and video.To address these challenges, many organizations have turned to DRP platforms and managed services. These provide the benefits of state-of-the-art tools and highly trained staffs, delivered in a scalable services model. In addition, security teams can rely on the DRP platform service provider to enhance technology and workflows as their digital footprint expands and the threat environment evolves.But the DRP field is new, and it can be hard to distinguish between the solutions that have come on the market. This guide is intended to help by suggesting criteria you can use to select the platform that best protects your public attack surface, digital assets and brand.Criteria for selecting the right solution for your organization’s DRP needsWe will review three topics related to the scope of DRP platforms:1. Breadth of social and digital platforms monitored2. Protection of the complete digital footprint3. Capabilities for remediation and take downAfter that, we will drill down into critical capabilities in three areas:4. AI-based tools for advanced analysis5. Global threat intelligence and research6. Automation and ease of managementDRP platforms and managed services provide the benefits of state-of-the-art tools and highly trained staffs, delivered in a scalable services model.Information security groups have extensive investments in staff and programs for detecting Indicators of Compromise (IOCs) on their own network and systems. These are critical for stopping attacks against the organization’s IT infrastructure and its employees.But most enterprises have little experience monitoring social networks, online marketplaces, discussion forums and review websites, and deep and dark websites. They also lack tools that handle these tasks at scale. For example, when it comes to detecting threats on social media platforms and discussion forums, conventional search engines like Google and Bing:• Are unable to discern benign from the truly bad, and hence generate massive numbers of false positives • Provide little if any context to guide investigation into digital threats• Have no access at all to deep and dark websites (by definition, these are not indexable or even accessible)•Are geared for manual searches and therefore are labor intensive and do not scale wellAs a result, enterprises have little visibility into the platforms that threat actors use to perpetrate frauds on customers, sell counterfeit and pirated goods, capture credentials from customers and employees, and disseminate false information about the organization, its products, and its executives.DRP solutions are designed to give enterprisescomprehensive visibility into activity on social and digital platforms. When evaluating DRP solutions, be sure to assess the breadth of their coverage. Table 1 shows the types of platforms that a DRP platform should monitor.Criterion 1:Breadth of Social and Digital Platforms MonitoredFor a comprehensive overview of digital risks and their impacts, see the ZeroFOX white paper “A Taxonomy of Digital Threats” at https:///resources/taxonomy-of-digital-threats/.Table 1: Types of platforms a DRP solution should monitorSurface web, deep web, dark web: what’s the difference?The surface web: all websites thatcan be found by conventional searchengines.The deep web: websites and webcontent that cannot be crawled orindexed by search engines, includingdatabases and sites that areprotected by passwords or CAPTCHAtechnology. It is many times the sizeof the surface web.The dark web: a subset of thedeep web where communicationand transactions can be carried outanonymously, typically because theyuse special encryption protocols andbrowsers such as TOR or becausethey require users to be invited orto pass a test. It only contains a fewthousand websites, but most aredifficult to find and access.references to names, brands, products, executives, andemployees associated with the enterprise. Look for solutions that provide visibility into your complete digital footprint, not just parts of it. Table 2 lists the elements of a digital footprint that a DRP platform should be able to monitor.You should also determine if a DRP solution has tools and workflows that make it easy to specify the names, brands, products, executives, logos and images, etc. that you want to monitor, and to create rules for assessing whether their use is legitimate or not.Table 2: Elements of digital footprint a DRP platform should monitor Typosquatting is the practice of registering domains that are the same as legitimate enterprise domain names except for misspellings or odd characters. Typosquat domains are used to attract internet users who mistype the domain name, and as a place to send victims of phishing campaigns who may not recognize that they are not on the enterprise’s website.DRP is not just about detection and analysis. Thoseare very important, but they provide little value unlessthey lead to action to remediate vulnerabilities andtake down web pages and social media posts used by cybercriminals, hacktivists, and state-sponsored hackers.You should consider the degree to which a DRPplatform can automate remediation and takedown activities by sending data and contextual informationto SOC teams and analysts for rapid response and by facilitating automated takedown messages that can besent immediately to social network platforms and website hosts.Table 3 lists some of the types of remediation and takedown actions a DRP platform should be able toinitiate across the organization’s public attack surface. Remediation and Takedown Capabilities Table 3: Remediation and takedown actionsSuccessful remediation and take down depends not just on technology. Each individual social media platform, forum, market, and web hosting site has its own contact point, takedown request process, terms of service, and requirements for evidentiary information. You need to make sure your DRP service provider has the knowledge and experience to handle takedowns for the widest possible range of platforms.A DRP platform should also provide excellent reporting and performance metrics for takedowns, so you can track takedown requests, status, successes and failures, duration, and history.Reporting violations of social media platforms Rules and Terms of ServiceSocial media platforms have separate report forms for each type of violation of their rules and terms of service:• Unauthorized trademark use• Unauthorized use of copyrighted materials • Sale or promotion of counterfeit goods• Privacy policy towards children• Child sexual exploitation: Learn more about our child sexual exploitation policy• Pornography• Impersonation of an individual or brand• Private information posted on social media platform• Abusive behavior and violent threats• Spam and system abuse• Violation of social media platform Ads policy Information required to report a trademark violation to social media platforms• Trademark holder’s name• Trademark holder’s address• Trademark holder’s country• Trademark holder’s website• Trademark holder’s social media platform username (optional)• Trademarked word, symbol• Registration number• Registration office• Direct link to trademark record or trademark search page (optional)• Social media platform account being reported • Description of the confusion with your trademarkExample of rules regarding reporting violations to social media platformsUnfortunately, digital threats are now so numerous, so diverse, and so cleverly concealed, that mere human beings can no longer hope to find and identify them all, even when aided by conventional search engines. DRP platforms are incorporating advanced artificial intelligence (AI) technologies to overcome obfuscation and process huge volumes of data. You should look for DRP solutions and vendors that utilize as many of these advanced technologies as possible to provide agility, scale and offload burdensome analysis tasks from human experts.Table 4 summarizes some of the types of AI that can be used to uncover evidence of digital risks.AI-based Tools for Advanced AnalysisTable 4: Artificial intelligence technologies and their application to DRPNatural language processing (NLP)Analyzes text in multiple languages and derives meaning and intent.Malicious link analysisOptical character recognition (OCR) Object detection/ computer vision (CV)Machine learning (ML)Examines content in social media posts, collaboration tools, email communications, and other channels and detects suspicious links related to malware, phishing, spam, and other threats.Detects characters embedded in images used to mislead viewers, convey false information, and perpetrate fraud.Discovers patterns in large volumes of text and images that can be used to detect and classify digital threats.Compares facial images to detect unauthorized use of pictures of executives and employeesand impersonations.Deepfake detection Analysis at scale Identifies digitally altered images and videos.Ability to evaluate billions of content pieces annually and process millions of data points daily to enrich machine learning and other AI techniques.Deepfake detection is one of the most exciting newapplications of AI for DRP. Click on the image foran overview of the topic, and an introduction toDeepstar, ZeroFOX’s open source contribution toDeepfake detection.Web presentation: Playing Offense and Defense with DeepfakesTable 5: Attributes of effective threat intelligence for DRPAttribute Description Contextual Threat intelligence relevant to your use cases and threat environment.PrioritizedActionableCurated, strategicOption for custom threat analysis Information prioritized by criticality of the threat.Alerts with recommended actions and ‘in-alert’ response options, packaged for semi- or fully-automated response.Finished intelligence about active and emerging threats, with analysis and recommendations by expert research staff.Option to engage a dedicated analyst for custom investigations and special reports.Flexible communication Integration with security tools Options to communicate threat intelligence to analysts and security operations center (SOC) operators via online portals, mobile apps, and email updates.Ability to export threat intelligence and indicators of compromise into SIEMs, threat intelligence platforms (TIPs), security orchestration, automation and response (SOAR) tools, and other security solutions.• DRP provides tactical intelligence, which makes iteasier to demonstrate ROI.”Excerpted from the Forrester Research report TheDigital Risk Protection Market In 2019: The First CyberIntelligence Capability You Should Invest In, by JoshZelonis and Trevor Lyness, April 19, 2019, with permissionfrom Forrester Research.10DRP platforms vary widely in how well they automate workflows and how easy they are to use and manage. Evaluate DRP solutions to see if they automate and streamline essential processes and improve the experience of your analysts and digital security teams.Table 6 lists some of the features of a DRP platform that facilitate automation and easy use and management.Criterion 6:Automation and Ease of ManagementTable 6: DRP solution features for ease of use and process automationYou should now have a solid understanding of the valueof digital risk protection programs and how effective DRP platforms cast a very wide net to detect and remediate risks to your organization’s reputation, revenue, brands, employees, and customers.We hope this guide will help you in your selection to ask the right questions about the DRP solutions and DRP vendors you evaluate. To recap some of the main points:• Assess the breadth of social and digital platforms monitored by the DRP solution, including globaland regional social networks, popular websites, onlineforums, blogs, and review sites, mobile app stores, and code paste sites.• Determine whether the DRP solution will protect your complete digital footprint, including ownedand non-owned social media accounts, domains andwebsites, brand and product names and logos, and your executives and employees.• Examine the DRP solution’s remediation and takedown capabilities, in particular its ability toefficiently initiate and quickly complete takedownsand appropriate resolution steps with social mediaplatforms, owned social media accounts (in case ofaccount takeover), domains, and surface, deep and dark web forums and websites.• Review the DRP solution’s use of artificialintelligence-based technologies such as naturallanguage processing, machine learning, malicious linkanalysis, object detection, image comparison, anddeepfake detection.• Verify that the DRP solution or provider is able to produce and use contextual, prioritized, actionable threat intelligence and provides options for curatedstrategic intelligence and custom investigations.• Evaluate the DRP solution for automation and ease of management features such as API connections tosocial media and web platforms, simple rule creation, an excellent user interface, and an at-a-glance dashboardwith drill-down capabilities.How to Select the Right Platform for Social Media and Digital Risk Protection For more information please visit 12。

小蚁白皮书基于区块链技术的资产数字化系统v1.02015.9.7网站：邮箱：contact@导读第1章“概述”是对小蚁的高层次描述，适合任何人士阅读。

第2-7章为小蚁的技术实现方案的逻辑描述，适合对区块链技术有一定了解的人士阅读。

小蚁为开源系统，遵循MIT开源协议。

代码托管于：https:///antshares/antshares目录1概述 (6)1.1什么是小蚁 (6)1.2什么是区块链 (6)1.3小蚁的应用场景： (6)1.3.1股权众筹 (6)1.3.2P2P网贷 (7)1.3.3员工持股激励 (7)1.3.4签署电子合同 (7)1.3.5其他 (8)1.4小蚁的设计思想 (8)1.4.1权力的去中心化vs 事务的去中心化 (8)1.4.2清算型区块链vs 日志型区块链 (9)1.4.3平行金融系统vs 对接金融系统 (9)1.5小蚁的特点 (10)1.5.1合规对接实体金融 (10)1.5.2去中心化的“超导交易” (10)1.5.3熟悉的用户体验：普通用户无需持有小蚁股/小蚁币；使用查询和支付两个“密码” (11)1.6法律与合规 (11)2.1私钥、公钥、地址、账户、账户地址 (12)2.2身份认证 (13)2.3隐私保护——公开地址vs 隐私地址 (14)3资产 (15)3.1原生资产 (15)3.1.1小蚁股AntShare，缩写为ANS (15)3.1.2小蚁币AntCoin，缩写为ANC (15)3.2用户发行资产 (16)3.2.1货币 (16)3.2.2股权类资产 (16)3.2.3债权类资产 (16)3.2.4其它资产 (17)4交易类型 (17)4.1资产相关交易 (17)4.1.1资产创设 (17)4.1.2资产分配 (17)4.1.3资产变更、注销、冻结 (17)4.2转移、交换资产相关交易 (18)4.2.1合同交易 (18)4.2.2委托交易 (18)4.3.1登记、撤回候选记账人 (18)4.3.2选举记账人 (19)4.4交易费用 (19)4.4.1基本字节费 (19)4.4.2附加服务费 (19)5记账机制 (20)5.1区块链 (20)5.2共识机制——中性记账 (21)5.2.1中性记账的特点 (21)5.2.2选举记账人 (22)5.2.3对区块随机数达成共识 (22)5.2.4对区块所包含的交易达成共识 (23)5.2.5对小蚁币分配达成共识 (23)6分配机制 (24)6.1小蚁股分配方案 (24)6.2小蚁币分配机制 (24)7周边生态 (24)7.1交易所 (24)7.2钱包 (24)7.3众筹、P2P网贷 (25)1概述1.1什么是小蚁小蚁是基于区块链技术，将实体世界的资产和权益进行数字化，通过点对点网络进行登记发行、转让交易、清算交割等金融业务的去中心化网络协议。

数字资产管理白皮书随着数字技术的不断发展，数字资产已经成为了企业、组织和个人不可或缺的一部分。

数字资产是指以数字形式存在的资产，包括数据、文件、图像、音频、视频等。

由于其特殊性，数字资产管理成为了当前企业面临的重要问题。

本文将介绍数字资产管理的概念、重要性、现状和挑战，并提出一些可行的解决方案。

一、数字资产管理概述数字资产管理是指对数字资产进行识别、分类、存储、保护、备份、传输、使用、共享、销毁等全过程的管理。

它涉及到数字资产的收集、整理、归档、检索、利用等各个环节，以确保数字资产的安全、可靠和有效利用。

二、数字资产管理的重要性1. 保障企业资产安全：数字资产是企业的重要资产，对其进行有效的管理可以防止数据泄露、损坏或丢失等风险，保障企业资产安全。

2. 提高工作效率：通过有效的数字资产管理，可以提高工作效率，减少重复劳动，降低错误率，提高企业运营效率。

3. 促进创新发展：数字资产管理可以为企业提供丰富的资源，促进企业创新发展，提高企业核心竞争力。

三、当前数字资产管理面临的挑战1. 数据量大，管理难度高：随着数字化进程的加速，数字资产数量快速增长，数据量大且类型多样，给数字资产管理带来了极大的挑战。

2. 安全管理问题：数字资产面临的安全风险不断增加，如黑客攻击、病毒传播、系统故障等，需要加强安全管理措施。

3. 缺乏统一的标准和规范：目前数字资产管理缺乏统一的标准和规范，导致不同企业或组织之间的数字资产难以共享和交换。

四、可行的解决方案1. 建立完善的数字资产管理制度：制定数字资产管理流程和规范，明确各部门的职责和权限，确保数字资产管理的规范化和标准化。

2. 采用先进的技术手段：利用大数据、人工智能等技术手段，实现对数字资产的自动分类、检索、备份、传输等功能，提高管理效率。

3. 加强安全防护措施：建立完善的安全管理制度，加强安全防护措施，如加密、权限控制、备份恢复等，确保数字资产的安全性。

4. 培养专业的数字资产管理人才：培养专业的数字资产管理人才，提高管理团队的素质和技能水平，为数字资产管理提供有力的人才保障。

【专访】Trinity创始人李一灵NEO DevCon开发者大会已经圆满结束啦，在这场大会中Connie很幸运的访问到了几个近期非常火的项目创始人唷！接下来就会带小韭菜们一起来深入挖掘一下这些热度呼声极高的项目，和项目创始人聊聊，近距离接触～不夸张，和这些厉害又有想法的创始人聊完之后，Connie完全被圈粉，变成小迷妹啦！那么事不宜迟，我们就来看看这些优质项目专访的第一弹，为NEO打CALL，誓言帮助NEO解决水管堵塞并且畅通无阻的，智能经济的基石—Trinity。

Connie视频专访Trinity创始人李一灵Connie: 请先简介一下Trinity 想要做的是什么？Trinity创始人李一灵: 就像我们宣传的，Trinity是NEO的一个链下扩容解决方案，我们想要通过状态通道技术来为NEO 的用户提供快捷，隐私和快速的支付体验。

同时，我们将要逐渐建立复杂的多对多状态通道系统，然后去赋能NEO生态下的项目，使得这些项目在不消耗主链计算性能的情况下又享受到区块链去中心化特性的基础设施，同时又有很强，很快的处理能力。

Connie: 能简要介绍一下Trinity的团队吗？Trinity创始人李一灵: 我当时在小蚁的时候，小蚁还没有完成品牌重塑；在我离开后才做了品牌重塑（也就是现在的NEO）。

Trinity的联合创始人还包括有张广峰和易峰平。

张广峰之前其实并不是负责NEO的，他有很多的区块链开发经验，他之前在中钞研究院，参与过人民银行的金融区块链票据系统的研发，以及具有多种加密数字的开发经验。

易峰平之前在Onchain （Onchain是与NEO相关的盈利性公司，主要负责政府事务关系）我们目前在杭州和成都有两个团队，同时进行。

成都团队有一个完整的互联网产品团队，从前端、后端、UI、测试、美工、区块链底层协议开发全部都有。

杭州团队则相对纯粹，主要是Trinity的核心协议的开发，团队主要经验是电信系统和支付的开发。