| With the growing development of open network, network security has become the focus of the IT industry. Intrusion-tolerance technology as a new means of defense for network security, has also gradually become a hot topic in academic circles. To further enhance the intrusion-tolerant system reliability and survivability, self-healing intrusion-tolerance technology has gradually been academic interest, as the area of intrusion-tolerance of a new focus.Based on in-depth analysis of intrusion-tolerance J2EE application server platform and related research status at home and abroad, in this paper, combining intrusion-tolerance theory and self-healing technology, the self-healing intrusion-tolerance J2EE application server platform design is presented, and a self-healing intrusion-tolerance method is proposed, which aim at providing the more comprehensive fault and intrusion-tolerance capabilities to the intrusion-tolerate system. In this paper, innovation, contribution and significance are as follows:1. For the shortcomings of the existing intrusion-tolerance system, a self-healing intrusion-tolerance method is proposed. The method effectively make the software self-healing technology into intrusion-tolerant systems, to solve the problems that the premise of shielding mechanisms for intrusion-tolerance condition was easily damaged, hidden intrusion and software aging exist in the existing intrusion-tolerant systems. Based on this method, a tolerance invasion J2EE application server platform design is presented. The design as follows: as an embedded point to the interceptor in J2EE specification, the self-healing intrusion-tolerant function for the J2EE application server was extended transparently.2. After the self-healing, in order to resolve synchronization problems of the running business in the platform, a strong migration method of EJB components based on JPDA. This method is used primarily to keep the self-healing application server business state synchronization, while addressing the issues which the existing EJB component migration method cannot migrate the running states and commonality is not strong.3. According to the proposed platform, we achieved a self-healing intrusion-tolerant J2EE application server platform prototype and applied the self-healing intrusion-tolerant method in the prototype. Experiments were conducted on the prototype, including self-healing time test, DoS attacks test, and software aging test. Test results show that the designed self-healing intrusion-tolerant J2EE application server platform than the intrusion-tolerant J2EE server platform and the open source J2EE platform have higher reliability and greater survivability. Key words: Self-healing, Intrusion-tolerance, J2EE, Application Server, Component Strong Migration... |
PDF Full Text Request