| With the development of information technology and network, higher security in distributed information processing platform is needed by the computing environment in the future. In this platform, security is one of the most important and elementary problems. As one of the key technologies in which common information processing platform is constructed, CORBA is a standard for distributed computing, which uses object-oriented technology and makes it easy developing distributed, object-oriented applications. As same as other distributed object-oriented system, CORBA(Common Object Request Broker Architecture) has the challenge of security. Therefore, OMG(Object Management Group) published CORBA security service specification, which is contained in COSS(Common Object Services Specification).This thesis bases on CORBA standard and CORBA Security Reference Model, studies the security service of middleware, summarizes the function of a secure ORB, and explains that message protection and authentication be the basis of the security architecture. After that, it puts the emphasis on the study and analysis of the micro-kernel architecture and component framework of ORB. Finally, recurring to SSL protocol, SSLIOP, one of the security interoperability protocols, has been implemented and integrated into OBus/ORB. It aims at making four major contributions:Firstly, the thesis summarizes the functionality a secure ORB should possesses after analysing the CORBA security service specification.The analysis shows that message protection and authentication be the basis of implementing secure ORB.Secondly, the thesis analyses the research efforts recently devoted to build up a CORBA system, which can be categorized into three approaches: molothilic integration approach, plug- in approach and adaptive run time approach. After that,OBus/ORB is anatomized,which is build up with micro-kernel approach.The thesis also points out the advantages of micro-kernel ORB by comparing micro-kernel approach with the other three approaches.Thirdly, referring to CORBA communication model, the thesis anatomizes OBus/IIOP, which is the basis of the security interoperability. After that,component framework is put forward.Finally, with the component framework,the thesis brings forward the protocol layer architecture about secure ORB based on SSL,designs the submodels of SSLIOP and realizes it.At last,this thesis puts effort on the testing of SSLIOP. The result shows that SSLIOP can provide message protection and authentication,while it does not have any effect on OBus except security.SSLIOP encapsulates SSL, provides authentication and message protection, and establishes the base of other works about security, such as access control, audit, secure delegation and so on.
|
PDF Full Text Request