
Research On Software Survivability And Securely Distribution Technology

Posted on: 2015-10-11
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J Geng
Full Text: PDF
GTID: 1108330473456027
Subject: Information and Communication Engineering

Abstract/Summary:
As one of the most important components of an information system, software is considered the "soul" of the information system. Since the failure and paralysis of information systems are mainly rooted in software vulnerabilities, it is essential to ensure the security of software operation in the information system. Because the basic platform of modern information systems depends heavily on networks, it has become normal to release and deliver software products over the Internet, and with this more attention and concern have been paid to the physical security of software.

This thesis focuses on software security in terms of operation security and physical security. Specifically, it investigates solutions to the following two issues: (1) reducing the damage to the information system caused by software vulnerabilities; (2) ensuring that software products are released and delivered securely via the network. For the former issue, we seek a solution based on the idea of information system survivability technology: we propose a software system survivability evaluation model and study survivability recovery technology extensively, which is an important survivability assurance technology for software systems. For the latter issue, we propose a general secure software distribution protocol that achieves user identity privacy preservation, and conduct an in-depth discussion of the key technology of the protocol, certificate-based digital signature technology.

The main achievements and contributions of this thesis can be summarized as follows:

(1) We propose a software system survivability evaluation model based on the running environment and the system structure. From the perspective of survivability, our model regards a software system as a set of software services, and then abstracts each software service as a set of software operations. On this basis, the model defines a survivability quantity for software operations, provides a calculation formula for software service survivability, and finally presents a calculation model for software system survivability. Compared with existing software system survivability evaluation models, our model takes full account of the influence of the running environment on software system survivability, bringing environmental factors into the quantitative survivability definition of software operations and into the calculation formula for software service survivability. The model also takes full account of the interdependence among software services, and proposes two software system survivability calculation models, called "service importance weighted average apply to service weight priority" and "Markov state transition apply to services invocation probability priority", respectively.

(2) We propose a reliable checkpoint-based distributed software system survivability recovery mechanism. Based on our survivability evaluation model, this thesis provides recovery strategies for the case in which some or all of the software system's services become invalid. To realize these recovery strategies in a distributed software system, the thesis designs a reliable distributed survivability recovery mechanism based on cooperative distributed checkpoint technology. The reliability of this mechanism lies in the following: when the communication link between the checkpoint center process and a distributed sub-process breaks down, the mechanism ensures that the checkpoint activity of the related distributed sub-process still completes, by detecting and establishing a redundant communication link or by performing process transfer, and thereby preserves the global consistency of the distributed sub-process checkpoint state.

(3) We propose an aspect-oriented programming (AOP) application-level checkpoint implementation technology. Our distributed survivability recovery mechanism includes three levels: system level, user level and application level. The application-level implementation technology enjoys the advantages of low cost and good portability, but suffers from code entanglement and a heavy burden on software system developers. To overcome these shortcomings, this thesis designs a new application-level checkpoint implementation technology based on AOP theory. This technology extracts all checkpoint-related code from the core business code and places it in a checkpoint aspect. In this way, the developer of a core business module can ignore how the checkpoint mechanism is realized and how it is invoked. The checkpoint aspect developer weaves the checkpoint mechanism into the core business module according to the requirements, without disturbing or affecting the core business module developers.

(4) We propose a general secure software distribution protocol that offers user identity privacy protection. This thesis presents a general secure software distribution protocol, based on certificate-based ring signatures and key-insulated signatures, that realizes user identity privacy protection. The protocol achieves bidirectional identity authentication between the software provider and software users, and preserves the identity privacy of software users against all other entities, including the software provider. Moreover, if the master key of the software provider is leaked in any time period, the security of the protocol in the periods before and after that time period is not affected. By incorporating a certificate-based public key cryptosystem, the protocol also resolves the public key certificate management problem and the key escrow problem simultaneously. Furthermore, the protocol can be instantiated with any certificate-based ring signature scheme and any key-insulated signature scheme.

(5) We propose a provably secure certificate-based key-insulated signature scheme. Certificate-based signature (CBS) integrates the strengths of public-key-based signature and identity-based signature, so the scheme proposed in this thesis avoids the shortcomings of both. Taking hostile situations into account, insecure deployment of CBS often unavoidably leads to signing key leakage; our scheme reduces the negative effect of such key leakage. Our scheme does not use bilinear pairings, which have a high computational cost; it therefore performs better than existing key-insulated CBS schemes and is more suitable for low-power devices. In addition, our scheme is formally proved unforgeable under the discrete logarithm assumption in the random oracle model.
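The two system-level calculation strategies named in contribution (1), as an added illustrative example (not the thesis's own formulas, which the abstract does not give): operation survivability scaled by an environment factor, service survivability as the product over its operations, and system survivability either as an importance-weighted average or weighted by the stationary invocation distribution of a Markov chain over services. The specific formulas, service names and numbers are assumptions constructed for the example.

```python
from typing import Dict, List, Tuple

# Constructed sample: each service is a list of (operation, base survivability, environment factor).
# Assumption: an operation's effective survivability is its base value scaled by the
# factor contributed by its running environment (both in [0, 1]).
SERVICES: Dict[str, List[Tuple[str, float, float]]] = {
    "auth":    [("verify_token", 0.99, 0.95), ("lookup_user", 0.98, 0.90)],
    "catalog": [("search", 0.97, 0.92)],
    "billing": [("charge", 0.96, 0.85), ("write_ledger", 0.99, 0.80)],
}

# Constructed service-invocation chain: P[src][dst] is the probability that a call to
# src is followed by a call to dst (rows sum to 1; the self-loop keeps it aperiodic).
TRANSITION: Dict[str, Dict[str, float]] = {
    "auth":    {"catalog": 0.7, "billing": 0.3},
    "catalog": {"catalog": 0.5, "billing": 0.5},
    "billing": {"auth": 1.0},
}

def operation_survivability(base: float, env_factor: float) -> float:
    return base * env_factor

def service_survivability(ops: List[Tuple[str, float, float]]) -> float:
    # Assumption: a service survives only if every operation it is composed of survives.
    s = 1.0
    for _, base, env in ops:
        s *= operation_survivability(base, env)
    return s

def weighted_average_model(weights: Dict[str, float]) -> float:
    # "Service importance weighted average": importance weights normalised to sum to 1.
    total = sum(weights.values())
    return sum(w * service_survivability(SERVICES[n]) for n, w in weights.items()) / total

def stationary_distribution(transition: Dict[str, Dict[str, float]], iters: int = 1000) -> Dict[str, float]:
    # Power iteration pi <- pi * P on the service-invocation Markov chain.
    names = list(transition)
    pi = {n: 1.0 / len(names) for n in names}
    for _ in range(iters):
        nxt = {n: 0.0 for n in names}
        for src in names:
            for dst, p in transition[src].items():
                nxt[dst] += pi[src] * p
        pi = nxt
    return pi

def markov_model(transition: Dict[str, Dict[str, float]]) -> float:
    # "Markov state transition": weight each service by how often it is invoked in steady state.
    pi = stationary_distribution(transition)
    return sum(pi[n] * service_survivability(SERVICES[n]) for n in pi)
```

With these inputs the weighted-average model gives about 0.779 and the Markov model about 0.802; the gap shows how much the answer depends on whether "importance" is declared by weights or derived from invocation frequency.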
Keywords/Search Tags: software survivability, checkpoint, software securely distribution, digital signature