| Current security status quo clearly shows that traditional security theories and technologies can't provide basic and reliable guarantees for mission-critical system any more. How to ensure the critical tasks finished continuously and in time has been an urgent problem which needs to be solved. Survivability is emerging as a novel research topic to meet current application requirements. Survivability, as a core objective of the next generation network security, has become a hot research topic and represents a new research direction in network security field. Concluded from the history, status and developing trend of network security, enhancement of system survivability is the best way to cope with all the attacks, intrusions and destructions at present.The technology of survivability enhancement mainly studies the methods and techniques for improving system survivability, which is carried out as enhancing design and advice aiming at the weak points of existing system during resistance, identify and recovery. The survivability-oriented emergency technology is to respond to dynamic system survivability situation initiatively and foresightedly, which is a series of strategy set established in advance and prepared to carry out to ensure that key services can run normally in case of service failures. At present, survivability-oriented emergency technology has become an important research branch in the field of system survivability enhancement, which is in the ascendant stages. However, current researches are still rare and limited in institutes like CMU, CERT/CC, EDI, DARPA, and BBN and so on. Many crucial questions have not been solved, and deep theoretical research and implementation are still lacks. Most realizations still stays at the stages of simulation and emulation. In this dissertation, a more systematic study has been carried out, which focus on triple class gradual control mode 'Monitor-Analysis-Response' to study several emergency key technologies for system survivability improvement.First, emergency awareness model of mission-critical system survivability situation was studied. A quantitative evaluation model for system survivability situation based on grey relation analysis was proposed, which applied grey relation analysis to assess the best affiliate degree and survivability probability of every key service starting with normalizing interval number performance index decision-making metrics. Then, the changes of every key service's survivability situation based on network entropy difference were assessed. Finally, the synthesis evaluation for the whole network system could be gained. And that, starting with unequal interval original sampled survivability evaluation data sequence, the grey verhulst model or its inverse function based on the swaying character of S or reverse S shape presented by accumulated sequence could be chosen to forecast future survivability value of a system. Moreover, the forecast precision of model could be improved based on multilevel residual error. Finally, the new model with residue correct can be used for gaining the intuitionistic network survivability situation curve graph.Second, the emergency analysis method for the improvement of system survivability was studied. A novel algorithm of Criticality-Lifetime-Deadline-First (CLDF) from the point view of emergency scheduling was proposed, which is a Survivable enhanced scheme. Firstly, a novel method for choosing right scheduling parameters is proposed based on the analysis of parametric sensitivity. Then, the implementation of CLDF algorithm is given using multi-linked lists, including service acceptance policy and service completion/abortion policy. Finally, in order to relieve the frequent switching or serious thrashing caused by CLDF, a feasible solution is presented to the CLDF algorithm based on the preemption threshold. The experimental results show that the proposed method can provide guarantees for survivability of critical services, especially when the system is overload, the performance can degrade gracefully, and which effectively improves the survivability of the whole system.Third, the emergency response method for the improvement of system survivability was studied. Taking the requirements of emergency response as research background, an emergency response algorithm based on autonomic configuration was presented, which solved the choice of emergency response time and the reconfiguration of emergency resources in the process of autonomic emergency. First, based on the central limit theorem and the hypothesis testing theory, the confidence interval of each key service's history average service response time in the host server and spare server can be figured out respectively. Then, according to the five kinds of distributed situations of current service response time's confidence interval in the host server and spare server, the proposed algorithm can dynamically choose feasible emergency schemes at the right time. Finally, an emergency resource reconfiguration algorithm is proposed, which satisfies requirements of the least time of emergency response and the smallest numbers of non-critical service preempted. The whole configuration process is transparent to users and guarantees that critical services can be finished within its expected deadline by users as far as possible.Finally, a fine-grained emergency rejuvenation method for Survivable system was studied. First of all, several typical failure models of system and service were formally described based on Petri nets, in which a number of measurable index parameters for rejuvenation were also given out. And then a four-level nested recursive emergency rejuvenation strategy was proposed based on system-level, service-level, process-level and thread-level, the computing process of rejuvenation priority is also defined and the chain of rejuvenation is obtained. Eventually, the implementation process of four-level emergency rejuvenation strategy was described using SPNs.
|
PDF Full Text Request