Research On The Technology Of Security Provenance Based On Announcement Type Network

With the rapid development of information technology,the distributed system has been improved,which has been developed from the original simple local network to today’s large-scale P2 P network and cloud computing platform. Nodes deployed hundreds of thousands,covering multiple areas and management domain.Due to the continuous expansion of the size of the system,complexity and risk is also growing,system security is facing unprecedented challenges. System managers urgently need to help solve the problems such as fault finding,system debugging,behavior accountability and damage assessment through the reliable technology of network proof. The technology of network tracing proof refers to chang in the network,network behavior and application behavior back to the initiator through technical means,tracking the source of the problem,and to take legal measures to provide effective evidence.This thesis describes the background,meaning and goal of the project.It describes the development of Internet and network security,distributed systems,declarative networking,and network tracing method and other related technologies.This paper describes the process of system realization in details from system requirements analysis,design of network traceability system based on declarative and Witness systems to achieve the implementation. This paper studied the issues of cloud platform architectures,virtualization server architecture,traceability information inquiry and maintenance,origin of network security model. Finally,it shows the four modules of control Panel,resources,analysis,management.Based on java language, Witness software consists of Server, Database and Agent.Server get information list and standard data from the agent-side,then stored in the database and provided access to the model.Software using b/s structure and operating by system services in platform of windows and linux.The software application based on virtual cloud platform of windows OS.It collected data information by installing the agent on the some agent terminals in the cloud platform.By inputting the corresponding web site,Witness homepage can observated data change in real time,event of alert generateded and other resources.