| E-Government is one of the important parts of informationization contrstruction of the China national Eleventh Five-Year Plan. E-Government with the characteristics of openness, virtualization and networking makes more and more requiremnents to the security and management techniques and scheme. Based on the requirements of the security and efficiency of E-Government, this paper focuses on the evaluation and enhancement techniques of system security, the integrated management platform and the key technologies. Meanwhile, MPLS traffic engineering technology is studied and a new traffic distribution algorithm is proposed. The detailed work can be summaried as following.a. Research on the evaluation and enhancement technique of E-Government system security. Because E-Government systems are servicing for diversified applications, crossing multiple platforms and supporting multiple kinds of devices. A new mechanism called security factor tree is proposed based on the idea of the decision tree and analytic hierarchy process. By applying the security factor tree to the analytic hierarchy process method, the new evaluation scheme makes the levels adjustable. We use small samples to train the models and get a new simple evaluation model. The evaluation of a working E-Government system shows that the main drawback is the underlying HTTP transmission of applications. Although it is very simple and convenient, the authentication technology of the traditional HTTP is very weak. So a new bidirectional authentication mechanism based on digest is proposed. By the new method, which solves the problem of fixed simple encryption algorithm and no identify, the security level of E-government system is increased.b. Optimizing Design and Realization of E-Government management platform. Because of the service characteristics and management needs of E-Government system, a new integrated platform is proposed. We integrate LDAP with SNMP, and merge a SNMP client into user client, which ensures the user's accessing ability. According to the introduction of the virtual link, the users are allowed to access E-government system, only through the management platform, ensuring the secure and uniformed management.c. Research on MPLS traffic engineering technology and distributing traffic technology over multiple paths dynamically. One of the main requirements of the E-Government networks is to provide QoS guarantee to users and important applications under the resource limited environment. Our analysis shows that static distribution of traffic based on the topology and resources to multi-path could not solve the above problem. This paper proposes a new algorithm of the dynamic traffic distribution over multiple paths. Considering the feasibility,the concept of channel resistance is given,optimizing the traffic,a undirectional delay probing technique is involved. The new algorithm classifies the traffic at the flow level, then the problem of disorder is solved. And only the bound routers are involved, providing extensibility. The simulation result shows that: By considering both the queuing delay and loss rate, the fairness of the new method is guaranteed.
|
PDF Full Text Request