| This paper mainly studies on security of Software Component Systems (abbr. SCS) , including user authentication mechanism of SCS, authorization & access control mechanism of SCS, secure communication mechanism between components, etc. , and its corresponding security protocols. Our study scheme is :analyzing its security objectives firstly, then designing the mechanisms that achieve the objectives, lastly designing the protocols corresponding to the mechanisms. To achieving these objectives, we need the support of cryptography. Firstly, this paper introduces the primary knowledge of cryptography, including Shannon Theory, Symmetric Key Cryptography, Public Key Cryptography, Hash Algorithm & Digital Signature Algorithm, and some well-known security mechanisms & protocols. In the process of studying and designing, we uses or references these technologies & mechanisms. According to special security requirements - security objectives - of SCS, this paper put forth a new solution for it, including a referrence model of security middleware software architecture (abbr. SMSA) for component container, access control mechanism of SCS, Inter-Components Secure Communication Protocol (abbr. ICSCP) and its auxiliary protocol. ICSCP is discussed in detail on its message format, work principle, work mode and its realization. The author implements core software modules of SMSA and some protocols by Java programming language, then experiment by them for secure communication, and get a great deal of data. By distinguishing and analyzing the data carefully, we come to a conclusion that our self-designed ICSCP is correct, feasible, and able to achieve the specific security objectives. |
PDF Full Text Request