分布式系统安全保障新体系的研究

安全问题是阻碍分布式系统发展和实用化的主要因素之一.分布式系统的安全性包括security和safety两个重要且紧密相关的方面,然而目前绝大多数的研究只限于security.可是随着软件的大量应用,分布式系统正面临严峻的防危考验,迫切需要新的safety保障技术.本文在深入分析分布式系统安全需求的基础上,提出了建立集security和safety保障为一体的分布式系统安全保障新体系的设想,并对该体系应具有的特点和设计目标进行探讨.然后针对把防危核这种safety保障新技术用于大型分布式系统存在的困难,提出了基于实时操作系统的解决方案.最后建立了一种新的安全保障体系SADS (security and safety assurance structure of distributed system),并在实时Linux平台上,以交通灯指挥系统为对象建立了SADS,验证了该SADS的可行性和有效性.

Research on New Security and Safety Assurance Structure of Distributed System

Security and safety are important and related factors that baffle the development and practicality of modern distributed system.However,most of researches on distributed system focus on security.Unfortunately,since software is being used largely in the complex distributed systems,the possibility of serious damage resulting from a software defect is considerable and growing,and then the complex distributed systems are plunging into safety crisis.In fact,distributed systems are in urgent need of new safety assurance technologies.After analyzing security and safety requirements of distributed system,we put forward new ideas for setting up the security and safety assurance structure of distributed system.We also analyze characteristics,designing aims for this structure.Since there are a lot of shortcomings in the current methods of realizing safety kernel (that is a new concept of safety assurance) in distributed system,we advance a program for RTOS to supply safety kernel mechanism.Based on all of these,we set up SADS (security and safety assurance structure of distributed system).At last,taking the control system in the traffic lights as example,prototype experiment of SADS has been done on the RT-Linux platform in the lab,and this experiment has proved the validity of SADS.