TIAN Yu-hong,WANG Ze-bing,FENG Yan

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.24.029

2006-01-01

Abstract:The Java virtual machine(JVM)is used more frequently as the basic engine behind dynamic web services.With the proliferation of network attacks on these network resources,much work are done to provide security for the network environment.Little effort has been placed on securing a Java web server where the attacker has a valid login to the host machine.After describing the vulnerabilities in Java's security mechanisms,an extended security system based on Java 2 security architecture is introduced.It also explains the runtime status of system.The increased assurance of correct system operation and the integrity of Java application server are provided.

Chen Zhao,Yang Chen,Dawei Xu,NuerMaimaiti Heilili,Zuoquan Lin

DOI: https://doi.org/10.1007/11563952_54

2005-01-01

Abstract:In enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork of security controls no longer suffices. Enterprises require a comprehensive solution that provides centralized security management, from authentication, to authorization and to auditing. To this end, we present a design and implementation of an integrative security management solution for Web-based enterprise applications, WebDaemon. It provides Single Sign-On to multiple Web applications. It also provides restricted access to Web-based content, portals, and Web applications based on Role-Based Access Control (RBAC) policies. The WebDaemon can help enterprises secure all Web resources with consistency of policy management and reduced administrative costs.

Di Wu,Yabo Dong,Jian Lin,Miaoliang Zhu

DOI: https://doi.org/10.1007/11563952_52

2005-01-01

Abstract:The fast development of E-Commerce and information technology brings much higher requirements for enterprise informationization. Because of the differences in platforms, development languages and standards etc, enterprise application integration (EAI) has become the important form of enterprise informationization to support complex business processes. Web services have emerged as the next generation of integration technology which provides the power to support interoperability. However EAI doesn’t just present new interoperability challenges; it also presents serious privacy and security challenges. This paper presents security architecture of Web Services based EAI which uses distributed Single Sign On authentication and distributed Role-based Access Control authorization. The basic concept and prototype system of the security architecture are described in detail.

xiong jia,fan zhen,zhang zengguang,zhang senlin,liu meiqin

DOI: https://doi.org/10.1109/ChiCC.2014.6896017

2014-01-01

Abstract:The traditional JavaEE existed in large enterprise web applications, uses Enterprise JavaBean as the core component, which results in high coupling and low scalability. Based on the three kinds of opening source frameworks which are Struts2, Spring and Hibernate (SSH), this paper proposes an integrated web application architecture for silk relic information system. The presented architecture not only meets the web application requirements in aspects of maintainability, scalability and code reuses, but also speeds up the system development. Furthermore, SSH architecture provides a clear layered structure, which greatly reduces development difficulty. After comprehensively analyzing the key technologies and the integration strategies of SSH architecture, the design and implementation of the system is presented to show the advantages of SSH architecture.

Yuan Shuhong,Zhu Miaoliang,Yun Xia,Wu Di

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.01.048

2008-01-01

Abstract:Traditional Enterprise Application Integration(EAI) solutions lacking the support of the united standard have difficulties in resolving the main security problems such as authentication and authorization.To solve these problems,a brand new application integration security architecture based on Web Services WSSA-EAI is proposed.Web Services are applied to create general access interface,and SSO(Single Sign On) authentication and RBAC(Role-based Access Control)authorization are combined.A united EAI security architecture which is easy for maintenance is presented..

周强,闫大顺,张永平

DOI: https://doi.org/10.3969/j.issn.1000-3428.2001.11.052

2001-01-01

Abstract:Based on the analysis of the architecture of the Internet-based monitoring system and dealing with the real-time data of the monitoring system, the design of general real-time monitoring Web data gateway is introduced in this paper. The Web data gateway is implemented by the multi-thread. It gathers the real-time data of the control system online and sends the data to the remote browser. The visual components display the real-tune data dynamically on the browser. The Web data gateway has the good function of the management and the service of the requirements of the Web pages and the users, and the data objects. At the same time, the system has flexible structure.

Wei Guanxiong,Hou Dibo,Huang Pingjie,Zhang Guangxin

DOI: https://doi.org/10.4028/www.scientific.net/amm.316-317.678

2013-01-01

Applied Mechanics and Materials

Abstract:Water quality security is the guarantee of social development, the effective management of water quality information is the key to protect the water from pollution. This article focuses on the system architecture design and technology of Web-based water quality monitoring and information management system. Real-time communication between the Flex-written pages and the SQL Server database is achieved through the application of FluorineFx. The system realizes the visualized management of water quality information by visual components such as data table and data curve and so on.

Wei Jiang,Yue Ma,Nan Sang,Ziguo Zhong

DOI: https://doi.org/10.1016/j.compeleceng.2014.10.002

IF: 4.152

2015-01-01

Computers & Electrical Engineering

Abstract:Widely deployed real-time embedded systems can improve the performance of industrial applications, but these systems also face the critical challenge of providing high quality security in an unpredictable network environment. We measure the time and energy consumptions of commonly used cryptographic algorithms on a real embedded platform and introduce a method to quantify the security risk of real-time applications. We propose a Dynamic Security Risk Management (DSRM) mechanism to manage the aperiodic real-time tasks for networked industrial applications. Inspired by the feedback design philosophy, DSRM is designed as a two-level control mechanism. The upper-level component makes efforts to admit or reject the arrival tasks and assigns the reasonable security level for each admitted task. With three proportional feedback controllers at the lower level, the security level of each ready task can be adjusted adaptively according to the dynamic environments. Simulation results show the superiority of the proposed mechanism.

Shaohua Tang

2004-01-01

Journal of Information and Computational Science

Abstract:A secure session management protocol and a centralized session administration server are designed in this paper. The administration server is responsible for the setup of a session, the generation and distribution of the session key, and the maintenance of the session statuses. A DFA-based mechanism is designed for the administration server to manage the statuses of the session. The message confidentiality, authentication and integrity are guaranteed in the session management protocol. Therefore, Web Services can be applied to e-business workflow to achieve end-to-end multi-party secure collaboration by taking advantage of the session management mechanism presented in this paper.

QIU Jun-yuan,ZHANG Yue

DOI: https://doi.org/10.16208/j.issn1000-7024.2011.08.067

2011-01-01

Abstract:To protect privacy data communication in multi-parameter monitoring data collecting system,an asynchronous message-driven secure communication module is designed and implemented.The asynchronous socket events demultiplexing and dispatching fra-mework is constructed based on WSAAsyncSelect I/O model.Secure socket layer(SSL) protocol is used to ensure secure data trans-mission.The extensibility of the module is promoted by means of polymorphism.Finally,a simple data collecting system in win32 platform is implemented with the module presented above.It is proved that the module meets the security requirement and is able to handle multiple connections simultaneously.Performance under different bandwidth conditions is guranteed.

Wei Xu,Zhangxi Tan,A. Fox,D. Patterson

2006-01-01

Abstract:In this project, we design and implement flow control in a J2EE application server by applying control theory and dynamic probabilistic scheduling. The goal is to regulate workload at the web front end to prevent overloading the shared database, while keeping fairness over all requests. Since workload in an enterprise application has a much larger variance in terms of resource demand, classical control theory does not work well. We supplement the feedback control with workload classification and dynamic queue scheduling, and find that correct queueing policy can simplify the control design. The experimental results show that our method effectively prevented database overloading and thus preventing deadlock without resources overprovisioning, as well as keeping client response time low.

Feng Wang,Baoshan Ge,Li Zhang,Yong Chen,Yang Xin,Xiayuan Li

DOI: https://doi.org/10.1002/sres.2184

2013-04-04

Systems Research and Behavioral Science

Abstract:After analysing the security conditions in current Enterprise Systems (ES), this paper proposes a systematic framework that is based on the Secure Sockets Layer Virtual Private Network (SSL‐VPN) for improving security management. This framework takes account of several key aspects such as channel strategy, network pattern, workstation authentication, identity authentication, security workflow, etc. The proposed framework has the following advantages: low cost, high performance, easy to implement, and strong security control pattern. In addition, this paper proposes a dynamic security strategy that is about authorizing user ID and roles dynamically and conducting real‐time mapping via agent or proxy technologies. Copyright © 2013 John Wiley & Sons, Ltd.

management,social sciences, interdisciplinary

ZHOU Jing-li,WANG Jian,XIA Hong-tao

DOI: https://doi.org/10.3969/j.issn.1007-130x.2006.04.001

2006-01-01

Abstract:Apache is one of the most widely used Web servers in the Internet and we can easily extend it in favor of the new features of Apache 2. This paper discusses how to implement Web application security and protection based on Apache using the Apache Filter.

YANG Jiahai,LI Xing,WU Jianping

DOI: https://doi.org/10.3321/j.issn:1000-0054.2000.05.032

2000-01-01

Abstract:A three tier network management model, the Browser Web/Manager Agent, proposed to Web applications aims to realize distributed network management by adopting Web and Java technologies, which are widely used across the Internet. The standard CGI specification and Java programming language were used to translate a user request in HTTP format to the SNMP protocol data format, and vice versa. The architecture of SuperDomain98, an implemented network management system, based on this model was described. Some key implementation features, such as the management and storage strategy, event driven work flow, the definition of extended TRAP types and web based realtime alarming were discussed.

Li Dong,Xue Yibo

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.12.093

2008-01-01

Abstract:Network applications such as network behaviour and traffic analysis,etc.,have raised higher demands for handling the network stream along with the deepened research and application in information security fields.Stream analysis was re-characterized in terms of data stream management system,and the Data Stream Management System for Information Security(IS-DSMS) which could fit the gigabyte network was designed and implemented.The technologies of sample,synopsis and sliding windows were adopted to optimize five common aggregated queries in the system.The test experiments have proved that it has practical performance in gigabyte network condition and can be used as the real-time engine to query and make statistic of the network data flow.Meanwhile,it may provide a high and effective support to network invasion and network monitoring.

Zhihui Dai,Lingjiang Wu,Haili Xiao,Hong Wu,Xuebin Chi

DOI: https://doi.org/10.1109/gcc.2007.14

2007-01-01

Abstract:Grid computing becomes more and more popular in high performance computing, major science communities now accept that grid technology is important for their future. Our super computing center has a set of scientific projects which need grid computing technology and environment. In this paper, we introduce an under research grid middleware SCE (scientific computing environment) for the scientific super computing service environment. It is mainly based on the OPENSSH software package, adopts the open grid services architecture (OGSA) and defines its resource by the Web service resource framework (WSRF) specification. It is a service based middleware. The paper not only gives an introduction to the main framework of the SCE but also gives the details of the implementation of the four main services defined by OGSA, grid security, job management, data management and information service.

Jingsi Ren,Jinlin Wang,Xiao Chen,Xiaozhou Ye

DOI: https://doi.org/10.18178/wcse.2017.06.137

2017-01-01

Abstract:Cloud storage offers a flexible, dynamic and cost effective data storage service.However, there are some major concerns regarding the security and privacy of data in cloud storage.This paper presents design and implementation of a Cloud Storage Security Gateway (CSSG) based on real-time processing.The CSSG serves all clients in an organization that outsources its data through HTTP based interface protocol.The outsourced data is encrypted on uploading and decrypted on downloading in real-time on the proposed CSSG.The session between the client and the Cloud Service Provider (CSP) is not interrupted.Hence the data confidentiality during communication and storage is effectively safeguarded.In addition, the CSSG remains transparent to both the client and CSP, therefore it can be used seamlessly with existing applications.The experimental results validate the efficiency of the proposed CSSG.

Xing-Zhi Wang,Zheng Yan,Li

2009-01-01

Abstract:The requirements for significant computational resources imposed by dynamic security assessment applications have led to an increasing interest in the use of parallel and distributed computing technologies. This paper presents an adaptive scheme that involves user-friendly flat application program interfaces for scripting and an object-oriented programming environment for distributed dynamic security assessment implementation. Functional parallelism and data parallelism are supported by each of the message passing interface model and TCP/IP model. Adaptive stochastic-based objectives and conservative parameter prediction techniques are used to produce more efficient data parallelism. Tests for a 39-bus network and a 3872-bus network are reported, and the results of these experiments demonstrate that the proposed scheme is able to execute the distributed simulations on either stand-alone personal computers, cluster systems, or a computational grid infrastructure and provide efficient parallelism for the given environment.

Xinming Chen,Beipeng Mu,Zhen Chen

DOI: https://doi.org/10.1109/cmc.2011.94

2011-01-01

Abstract:Malicious attacks are frequently launched to make specified network service unavailable, compromising end hosts for political or business purpose. Though network security appliances are widely deployed to resist these attacks, there is a lack of dynamic and collaborative platform to flexibly configure and manage all the security elements. In this paper, we present NetSecu, a platform based on Java and Click Router, which can dynamically enable, disable and configure security elements such as firewall, IPS and AV. Furthermore, a collaborate module is implemented to integrate individual NetSecu platform into a Secure Overlay Network, providing collaborative traffic control against DDoS attack. Equipped with collaborate module, NetSecu platforms are organized in a tree hierarchy where each level node is registered to its father node. A Central Management Site acts as the root node for large scale deployment. The policy is distributed from higher level to lower level NetSecu nodes, while security events are aggregated from lower level to higher level. Performance evaluation shows that our NetSecu system can achieve line rate with and without security function. Finally we deploy the NetSecu platform in multiple sites, where our design is fully demonstrated and tested.

Wu Liang,Zhou Xuehai,Hu Nan,Liu Yi

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.09.020

2009-01-01

Abstract:Current prevailed Web application frameworks are introduced together with their deficiency on not performing very well in state maintenance management.A new context is presented in this paper and a Web application framework based on wizard is proposed.The reference implementation of the framework on Java platform is given,which meets the needs of practical application as shown in an instance by providing fine-grained context management.