基于SOA架构的多代理安全模型-计算数学专业论文.docxVIP

摘要 摘 要 面向服务的架构 SOA（Service Oriented Architecture）是新一代的软件架 构模式，采用此架构部署的应用系统具有开放性和互操作性的特征，因此被广泛 应用分布式系统的集成和软件系统的开发。该方法在减少集成开销和增强企业的 灵活性的同时，也给系统安全带来了极大的挑战。伴随着面向服务架构和 Web 服 务的结合，越来越多的安全隐患暴露出来，不仅包含 Web 服务本身的安全，同时 跨安全域的服务组合与复用更是给传统的安全策略带来了极大的挑战。如何利用 传统的安全手段以及基于 Web 服务的安全规范构建分布式环境下的安全框架，成 为成功应用面向服务架构的关键。本文通过以下几个方面的工作，构建了面向服 务架构的安全模型： 1.分析了面向服务架构的安全隐患和安全需求，在对主要的安全技术手段进 行分析的基础上，提出了基于 Web 服务的安全方案。 2.充分分析了免疫 Agent 的特征，??人工免疫与 Agent 的相关理论相结合， 设计出基于否定选择机制的安全代理，并用于相关安全服务的调用。 3.构建了基于免疫 Agent 面向服务的安全框架，详细描述了该框架的构成， 免疫 Agent 的运行机制，以及如何通过各种安全服务的有效结合实现应用的安全 需求。 4.部署基于 Java 的实验平台，实现了基于可信第三方代理的 Kerberos 认证 服务。通过第三方认证代理的实现，表明系统具有很好的扩展性。 关键词：面向服务的架构，Web 服务，代理，免疫，否定选择 I ABSTRACT ABSTRACT Service-Oriented Architecture (SOA) is a new generation of software architectural paradigm, by which deployed applications have the feature of interoperability and openness, so it is widely used in distributed system integration and software development. It reduces integration costs and enhances flexibility; however it brought the system great security challenges. With service-oriented architecture and web services integration, more and more security risks exposed. Includes not only the security of web service itself, but also security of reusability and composition of services across different security domains, which take great challenges to traditional security policy. How to building the security framework in distributed environment using traditional security measures and web services security specifications is a key point to deploy successful application based on service-oriented architecture. In this paper, we build a service-oriented architecture security model through the following works: Analyze the security risks and requirements of service-oriented architecture. By analysis of traditional security technical means, a security solution based on web service was proposed. Comprehensive analyzes the characteristics of the immune agent; compose artificial immune and theory of agent, security agent bas