Study On Migrating Instance Run-Time Security Based On Temporal Logic

Migrating workflow is a new computing model, which combined mobile agent technology with traditional workflow management system, has been a new direction within the workflow management research in recent years, has good application prospects.In migrating workflow system that based on the mobile computing paradigm, migrating instance(MI) is defined as the executor of tasks. MI is generated by management engine and can migrate within workstations, using the local resources and services provided by workstation executing one or many tasks. When MI finds current workstation can't satisfies the requirement for executing task, it can migrate to another workstation that can satisfies it's requirement and continue executing.With code migrating among network nodes to collect and deal with information automatically, the mobile agent technology has many advantages such as reducing the network flux, suiting the mobile user, adaptable to data integration and possessing parallel feature, etc. So workflow constructed based on mobile agent technology can solve the deficiencies in performance and application to a certain extent. However, the security risks brought by the migrating characteristic of migrating instance, which is constructed based on the mobile agent paradigm, propose greater challenges to the security of migrating workflow. So, it is an urgently solved problem to build corresponding security mechanism to reduce these security risks.In the migrating workflow system, the security problems brought by migrating instance contain the workplace security problems and the migrating instance security problems. Among which, the run-time security protection technology of the migrating instance is the current research on hot issues and tough. In the migrating workflow, there are potential risks for migrating instance as a task executor that its data, code and state may be modified and spied out when migrating and executing.On the basis of above research background, this thesis mainly discussed the security problem of migrating instance. We firstly analyse the existing security technologies to protect migrating instance, with the help of the Petri Net model for migrating instance, we find out the temporal logic constraints between the state, event and behavior during the running process. And on this basis, we presented a run-time safety verification technology based on LTL and AOP technologies(AspectJ). Furthermore, we proposed a run-time security monitoring framework for migrating instance. By using of the run-time safety monitoring mechanisms, MI can automatically identify the malicious behavior on its own code, data and state tampering, and report it to the migration workflow management engine. Different situations, the MI can take of its own independent action, it is also available to take corresponding action under the direction of the migration workflow management engine. This method not only enhance the security of the migrating workflow management system, but also further enhanced the knowablity about the MI execution traces through the state, events, behavior sequences producerd by the MI during its execution.Migrating workflow is a being the development of new technology, migrating instance has special advantage in Large-scale, distributed, cross-platform applications. However, due to the current technology has not yet matured, it's management,communication mechanism,migration,security, and many other areas need further study. Along with the continuous deepening of research, migration workflow system's security issues will be gradually resolved.