论文标题:安全中间件系统关键技术研究
Researches on Key Issues of Security Middleware
论文作者
论文导师 熊光泽,论文学位 博士,论文专业 计算机应用技术
论文单位 电子科技大学,点击次数 98,论文页数 135页File Size7064K
2006-03-01论文网 http://www.lw23.com/lunwen_360662152/
Security Middleware; NewSec Architecture Model; Security API;NewSec Concurrent Scheduling Algorithm; NewSec Load Balancing Algorithm
安全问题是信息化建设过程中不可回避的话题,在现代信息社会中,随着计算机技术的广泛应用,这一问题也就显得更加迫切。目前安全领域的技术门槛高、投入代价大、易用性差、互操作能力弱等问题已经成为解决安全问题的瓶颈,在这种情况下,安全中间件应运而生。它的设计思想是将信息安全技术和中间件技术结合起来,把安全模块从整个应用系统中分离出来,成为通用的软件,使二者成为一种松耦合的关系,这样既可以提高软件的可重用性,也可以降低应用软件开发的难度。 本文对安全中间件的研究旨在研究其关键技术,主要包含安全中间件的体系结构、应用编程接口及关键协议、多线程并发调度算法、安全负载均衡算法等研究内容,论文是对作者研究工作的全面总结,主要的创新性工作包括如下: (1) 提出了一种安全中间件体系结构模型——NewSec体系结构 安全中间件既有安全功能,又有中间件功能,针对我国特别是我军的实际情况,提出了一种安全中间件体系结构模型——NewSec体系结构,这是一种层次化体系结构模型,包括基础模块、安全服务、安全协议、组件服务和安全管理共5层。然后特别对通用安全管理器CSM、资源信息服务器RIS和CORBA安全等几个重要的安全模块,做了深入的研究和详细的说明。 (2) 设计了一套安全中间件应用编程接口 根据信息安全公共服务需求,吸收国内外公共安全服务接口的经验,设计出一套通用的、统一的、简单的、易用的安全应用编程接口API,该应用编程接口分为通用和专用两类,专用API包括初级和高级接口。设计并实现了相关的一组接口函数。 (3) 提出了PKCS#11设计模型和WTLS协议仿真模型 作者讨论了安全中间件的核心层——公共安全操作平台所遵守的公钥密码加密标准PKCS#11标准和约束规范,提出了一种新的PKCS#11设计模型,并对该模型进行了详细的研究和说明。 在深入研究WTLS协议的基础上,提出了一种对WTLS协议进行仿真的模型和方法,并做了仿真实验,取得了良好的效果。该仿真模型和方法对于一个实际的应用系统设计、实现以及系统优化,具有重要的参考作用。
In modern information society, security problem is a unevadable subject in the course of information construction, and this problem seems more urgent with wide application of computer technology. At present, due to high technological threshold, big investment, poor usability and weak cooperative ability in security field, these problems have become bottle neck to solve security problems. In such a case, security middleware emerges as the requirement of times. Its design ideas are the combinations of information security technology and middleware technology, it means that separating the security module from the whole application system to be as a common software, then both of them becoming a loose coupling relationship. Therefore, it can raise re-usability of software and also reduce difficulty of application software"s development.The theme of this paper"s research for security middleware is to research its key technology, its main contents contain: system structure of security middleware, application programming interface and key protocols, multi-thread concurrent scheduling algorithm and security load balancing algorithm etc..This paper is a comprehensive summing-up to author"s research work. Its main creative work includes as follows:(1) Putting forward a new architecture model of security middleware ——NewSec architecture modelSecurity middleware has either security function or middleware function. It aims at our country, especially, our army"s actual condition. It has put forward a new structuralmodel of security middleware——NewSec architecture model etc.There are five layersincluding basic model,security service,security protocols,conponet services and security management. Especially, several important security modules in the security middleware: CSM module of universal security management device, RIS module of resource information server and partial modules of CORBA security, and the deep research and detailed explanation have been made.
|
