About Me

潘蓝兰 (Pan Lanlan):

Type	URL
Mail	abbypan@gmail.com
Github	https://github.com/abbypan
Technical Notes	https://abbypan.github.io/page/notes
Blog	https://abbypan.github.io/archive
Linkedin	https://www.linkedin.com/in/panlanlan/
ResearchGate	https://www.researchgate.net/profile/Lanlan-Pan/research
Orcid	0000-0002-1771-2683

Education

Year	School	Degree	Info
2006 - 2009	USTC (University of Science and Technology of China)	Master of Information Security	Infonet: http://if.ustc.edu.cn
2002 - 2006	USTC (University of Science and Technology of China)	Bachelor of Information Security	Cybersec: http://cybersec.ustc.edu.cn/main.htm

Working Experience

Year	Company	Position	Experience
2019 - 2023	OPPO	Security Architect	Terminal Security
2018 - 2019	Geely	Cybersecurity Technical Manager	Automotive Security
2013 - 2017	CNNIC (China Internet Network Information Center)	Primary Security Technology Researcher	Cyberspace Security
2009 - 2013	Tencent	Network Security Engineer	Cybersecurity

Paper (First Author)

Year	Paper	Index
IEEE SIN 2024	A Lightweight Hybrid Signcryption Scheme for Smart Devices
IEEE CSR 2024	Building a Secure Cross-Device Communication Channel for Smart Devices based on App Accounts	WOS:001327167900054
IEEE SmartNets 2024	ASDWL: Mitigating DNS Random Subdomain Attacks for Second Level Domain	WOS:001267026900020
CRIS 2023	Enhance Calling Definition Security for Android Custom Permission
Computing 2022	Measuring the Resolution Resiliency of Second-Level Domain Name	WOS:000889463000045
Spaccs 2019	EPT: EDNS Privacy Tunnel for DNS
QShine 2018	Improving Privacy for GeoIP DNS Traffic
IEEE TrustCom 2018	A Public Key based EDNS Privacy Tunnel for DNS	WOS:000495072100250
IEEE PST 2018	Mitigating Client Subnet Leakage in DNS Queries	WOS:000454683600016
NDSS DNS Privacy Workshop 2017	EIL: Dealing with the Privacy Problem of ECS
IEEE APNOMS 2016	Mitigating DDoS Attacks towards Top Level Domain Name Service	WOS:000392160000059
计算机应用研究 2016	一种评估DNS根镜像服务的方法
计算机应用研究 2015	一种快速评估DDOS攻击对DNS权威服务影响的方法
通信技术 2010	基于兴趣相似度的协作式垃圾邮件过滤方案
Masters Dissertation 2009	协作式垃圾邮件过滤技术研究

Granted Patent (First Author)

Patent: https://patents.google.com/?inventor=%E6%BD%98%E8%93%9D%E5%85%B0

Granted Year	Grant No.	Patent
2024	CN114726625B	检测方法及装置、服务器及存储介质 (Detection method and device, server and storage medium)
2024	EP4099733B1	Security authentication method and apparatus, and electronic device
2024	US11924635B2	Security authentication method and apparatus thereof, and electronic device
2024	CN114979071B	动态域名配置方法、装置、电子设备及存储介质 (Dynamic domain name configuration method, device, electronic equipment and storage medium)
2024	CN111970115B	一种数字钥匙的校验方法、装置、系统及终端 (Digital key verification method, device, system and terminal)
2023	CN111726782B	一种安全认证方法及系统 (Security authentication method and system)
2023	CN111194033B	车内安全通信方法、系统及计算机存储介质 (In-vehicle secure communication method, system and computer storage medium)
2022	CN111432373B	一种安全认证方法、装置及电子设备 (Security authentication method and device and electronic equipment)
2022	CN109862099B	一种升级校验方法、装置、终端及系统 (Upgrade checking method, device, terminal and system)
2021	CN109831779B	一种升级包下载方法、装置、服务器、终端及系统 (Upgrade package downloading method, device, server, terminal and system)
2021	CN111055808B	售前车辆控制方法及服务器 (Pre-sale vehicle control method and server)
2021	CN109787774B	基于数字签名校验的升级下载方法、装置、服务器及终端 (Upgrade downloading method and device based on digital signature verification, server and terminal)
2020	CN106210165B	基于NS记录分层授权缓解域名权威记录劫持影响的方法 (Method for relieving domain name authority record hijacking influence based on NS record hierarchical authorization)
2019	CN105704259B	一种域名权威服务来源ip识别方法和系统 (A kind of domain name authority services source IP recognition methods and system)

Standard

Year	Standard
2022 T/TAF 074-2020	移动智能终端数字车钥匙信息安全技术要求
2015 CCSA YD/T 3008-2016	域名服务安全状态检测要求

Year	Draft
IETF draft-pan-dnsop-explicit-forged-answer-signal	Explicit Forged Answer Signal
IETF draft-pan-dnsop-edns-isp-location	ISP Location in DNS Queries
IETF draft-pan-dnsop-swild-rr-type	SWILD RR Type (Wildcard on Intermediate Nameservers)

Technical Notes

Technical Notes
密码应用合规笔记(Crypto Compliance Notes)
密码应用笔记(Crypto Application Notes)
芯片安全笔记(Chip Security Notes)
Android安全笔记(Android Security Notes)
网络安全笔记(Cybersecurity Notes)
DNS安全笔记(DNS Security Notes)

Participate

Organization
ICANN RSSAC Caucus
SECURWARE Technical Program Committee

Keywords

Experience	Keywords
Terminal Security	Chip, Cryptography, Device, Connectivity, Android, TEE, IoT, Privacy, Data Security, GDPR
Automotive Security	Digital Car Key, CCC, OTA, Telemetics, TSP, ECU, HSM, BLE, NFC, UWB
Cyberspace Security	DNS, BGP, PKI
Cybersecurity	DNS, Hijack, DDoS, Network, TLS, CDN, HTTP

create with vim