Research And Implementation Of Integrated Security Management System Based On CORBA

With the development of Internet and network applications, network security technologies, security managing models and products have become more and more important. Currently, security technologies generally focus on a certain aspect of security problems with different defending ranges and characteristics. Organically integrating various excellent security products and security resources to realize a unified and efficient managing and controlling mechanism has embodied the integrality and dynamics in network security. It is an important issue to study how to carry out an efficient, advanced and reliable security management under the precondition that system security performance is sufficiently ensured.Security management based on distributed computing techniques can realize objects communication across different platforms among different languages, set up a common standard for object resource sharing, code reusing, portability and object inter-accessing in distributed application environment, and provide a good solution for interoperability among massive security resources. Therefore, it can enhance the connectivity and cooperating of security products, substantially improve the performance, scalability and fault tolerance of security-managing system, reduce the cost of security managing system component, meanwhile accelerate and perfect the construction in security management, and behave the development tide of distributed applications in security fields.This paper thoroughly analyzed the current status of security management and the characteristics and applications of distributed computing technologies, profoundly studied on CIM information modeling specifications and schemas, mainly aimed at four contributions:Firstly, this paper put forward a security integrated management system model and its three-tiered architecture based on distributed computing techniques CORBA, compartmentalized the model as several modules,, and analyzed the traits and merits of applying distributed computing technologies in security management founding on the foregoing model and architecture.Secondly, this paper constructed a CIM standard information model of IDS. designed instances to verify the validity of CIM information modeling, and framed an extension schema of security products and the associations in CIM fields.Afterwards, security collaboration was discussed, and a model frame for collaboration between firewalls and IDS was put forward. Meanwhile, modeling for static structures and dynamic actions with UML was also presented. The collaborative model is of practice in engineering when collaborations occur between Firewall and IDS of different series.Finally, a prototype of security integrated management system was realized. Interface Definition language was adopted to define interfaces. A security management system frame and an entire sample of IDS sensor managing system were designed and realized. This contribution has become a core content in projects of some headquarters.