Design And Implementation Of JMS Based Message-oriented Middleware's Security Protocol

In order to integrate the distributed applications, developer needs to provide an effective means of communication between heterogeneous network applications in distributed computing environment. The message-oriented middleware uses reliable and highly effective message delivery mechanism to conduct the data exchange between the distributed applications. Java Message Service (JMS) provides the general way to create, send, receive and read messages for Java applications.In recent years, many researchers focus their interestings on the security research of message-oriented middleware. How to guarante the safety of message transmission and data access control is the most important question. This article analyzes the existing problems of the used technologies, proposes a series of security theory with practical significance.The first chapter introduces MOM's function, basic characteristics and development tendency firstly. Then it gives the JMS's related concept. After having finished a more thorough analysis of the safe threat which faces to MOM , it describes the domestic and foreign research situation, finally points out the article's research content.The second chapter proposes a centralized authentication protocol based on JAAS technology. Along with the network development, the computer system has already entered the distributed computing time. This chapter proposes a distributed authentication protocol for MOM , describes the content, the formalized description as well as the security analysis. Finally it describes the selective encryption and the client/server's handshake protocol before connection is really created.The third chapter introduces MOM's access control.The main technology used is role based access control(RBAC). Traditional RBAC realization is too simple for enterprise application. This chapter gives an access control model for MOM based on Constrained P-RBAC, then proposes one frame using the dependable third party to cross security domains. Finally it introduces the trust management related conception and several representative trust management system.lt use XML to help finish permission configuration for MOM.The fourth chapter introduces MOM's audit. In view of MOM 's characteristics, it proposes the design principle of audit module, divides the audit event into five types, gives the detailed flow and analysis process. It applies data mining technology to help analyze audit data. Through using decision tree and other algorithms, data mining helps the auditor and the administrator to summarize rule, take the corresponding action.The fifth chapter introduces an application instance JTangMQ which is based on the security theory mentioned before.