| Currently the J2EE application server has been widely used in the information construction of various important industries or fields, and with the national information construction been constantly deepened, its demand scale and application status will be still raising continuously. In view of this, the safety of the server products becomes the technical links which should be solved. Although the current server products have provided a wide variety of security mechanisms or technical means, however, these mechanisms or methods are not so perfect enough that they can't guarantee the system could provide the normal or degraded services continuosly when system security is under threat seriously.To ensure the reliable and uninterrupted services of the system, An intrusion tolerant J2EE application server platform and its key techniques were researched, which aimed at providing the ability of whole fault/intrusion tolerance for the current J2EE application server system. And main content, innovation, contribution and significance in this paper are as follows:From the point of view of security mechanism and clustering management mode used commonly, the deficiencies of the J2EE application server were presented. Considering these deficiencies, a survivable J2EE application server system architecture and fault/intrusion tolerance method was proposed. And the modules to be extended were concretely designed. Therefore, the intrusion-tolerant function for the server was extended transparently.In the architecture, a key module, voter was selected as the mainly completed component. First, the detailed design of the voter structure was gived; Second, aiming at the problem which exists in the current majority voting algorithm, such as the low reliable voting output, the high communication complexity, the response with heterogeneous data or a large quantity of data which is hard to vote, etc., a hybrid majority voting algorithm is designed and applied in the voter. It can be used not only to shield the fault application server's outputs in the platform, but also to trigger the fault/intrusion tolerance strategy of platform to be carried out.According to the designed method, a survivable J2EE application server prototype was realized, and a hybrid voting algorithm was achieved in the prototype. The prototype platform's performance and the hybrid voting algorithm's safty, reliability and the communication complexity were tested by experiments, and the test results showed that the survivable server platform has a stronger survivability than the current server cluster, and the hybrid majority voting algorithm is safer and more reliable and has lower communication complexity than the current majority voting algorithm. |
PDF Full Text Request