基于状态标志的可靠消息中间件的设计与实现

本文介绍了一种新的基于状态标志的可靠消息中间件的设计与实现方案,可以实现消息队列的高可靠通信,同时支持Sun Solaris／Sco Unix／Linux／Windows2003等操作系统,以及提供消息中间件API。     

基于CORBA的多层分布式系统研究

CORBA规范实现了分布式系统和面向对象技术的完美结合，实现中使用了代理器，将分布式请求映射到能处理这些请求的实现上，实现不同语言环境（C^ ,Java,Delphi,C等）之间的互调用，并运行在不同的操作系统（如：Windows,Linux,Solaris,Unix等）上，使其灵活运用于多层分布式系统的互操作中。     

A multiplatform Java wrapper for the BioAPI framework

We present a solution for the development of multiplatform and web-oriented Java applications for biometric authentication based on the BioAPI framework. Our proposal is a single Java Native Interface wrapper that is compatible with the BioAPI instantiations of Windows and Linux/Unix operating systems. Following a study of existing wrappers, we extended the open-source Linux/Unix wrapper to include Windows support. In order to show the utility of this multiplatform Java wrapper, we discuss some of its possible uses and present a real-life application.     

主动型安全防护措施—陷阱网络的研究与设计

介绍了陷阱网络的设计、实现及关键技术，提出了一个陷阱网络的模型，分析与模拟结果表明，陷阱网络能实现Windows,Linux,Solaris操作系统及FTP,telnet,WWW等网络基本服务的模型，可与防火墙，入侵检测系统联动，实现对入侵行为的主动引入及对入侵过程的记录和监控。     

一体化机群操作系统Phoenix

从操作系统的角度完备地定义了一体化机群功能软件Phoenix的体系结构,将机群操作系统分为异构资源、机群操作系统核心、用户环境3个层次,综合用户环境的核心需求,定义了机群操作系统核心的结构,并且基于组服务保证了机群操作系统核心的容错和可扩展特性．在机群操作系统核心的基础上构造了满足于不同用户需求的用户环境．Phoenix在曙光4000A高性能计算机系统上得到了应用．     

Quattor: Tools and Techniques for the Configuration,Installation and Management of Large-Scale Grid Computing Fabrics

This paper describes the quattor tool suite, a new system for the installation, configuration, and management of operating systems and application software for computing fabrics. At present Unix derivatives such as Linux and Solaris are supported. Quattor is a powerful, portable and modular open source solution that has been shown to scale to thousands of computing nodes and offers a significant reduction in management costs for large computing fabrics. The quattor tool suite includes innovations compared to existing solutions which make it very useful for computing fabrics integrated into grid environments. Evaluations of the tool suite in current large scale computing environments are presented.     

Linux安全性能改进研究

自由软件Linux功能强大,移植性好,与Unix兼容,但随着Internet的发展,人们对信息安全的要求越来越高,目前普通的Linux无法满足这一要求。文章介绍了几种安全技术以改进Linux的安全性能,并讨论了增强后Linux的安全性能。     

Samba服务器共享资源安全系统层次模型研究

Samba是一套使用SMB(Server Message Block)协议的应用程序。通过支持这个协议，Samba允许Unix／Linux服务器与Windows产品之间进行通讯。文中提出了Samba服务器的安全体系层次模型，分析了Samba服务器的各个安全层次，介绍了如何配置参数实现Unix／Linux主机与windows主机之间资源共享的安全性，并针对应用中出现的一些问题讨论了解决的方法。     

基于Windows Server 2008的Internet/Intranet网站服务器组建与设计

近年来．企业局域网大部分由Netware、Unix、Windows NT三大网络操作系统把持着,而基于Windows Server 2008的Internet／Intranet在国内发展如火如荼。目前32位版本的服务器操作系统Windows Server 2008凭借其可移植性好,安全性达到美国政府的C2级等优势一直是创建网站服务器的理想选择,基于Windows Server 2008的网站服务器组建与设计,将为电子商务及商业应用程序连线搭建更大更好的平台。     

跨平台可移植远程并行程序调试器的设计与实现

介绍了一个跨平台远程并行程序调试器的设计与实现.该调试器实现了平台可移植和模块可移植,支持从Windows平台远程调试Unix/Linux平台PVM/MPI并行程序.与相关工作的比较显示,该调试器降低了开发并行程序的复杂度,提高了机群系统的使用效率,具有很好的实用价值.     

Audlib: a configurable,high‐fidelity application audit mechanism

In this paper, we introduce Audlib, an extendable tool for generating security‐relevant information on Unix systems. Audlib is a wrapper environment that generates application level audit information from existing executable programs. Audlib is not a detection system, instead it is designed to supplement existing audit systems and work transparently with them. Audlib records information that is not presently available from existing kernel‐level audit sources. Here, we describe the design of the Audlib framework and the information it provides. We compare auditing the actions of a web server with Audlib to existing kernel audit sources and show that we have 2–4 times the throughput of Linux auditd and less than half the performance overhead of Solaris BSM while collecting detailed information about the server's execution. Although Audlib is focused on recording security information, this technique can be used to collect data for a wide variety of purposes including profiling, dependency analysis, and debugging. Copyright © 2010 John Wiley & Sons, Ltd.     

A tool for converting Linux device drivers into Solaris compatible binaries

The Linux operating system is quickly becoming a standard, attracting a wide user community and supporting a broad variety of applications and devices. Other vendors, such as Sun, have provided Linux‐compatible system call interfaces to their kernels, but are constrained by the lack of device support. To address this problem, we present a system (called PITS) to build device drivers, in this case for Solaris x86, from Linux source code. To accomplish this goal, we designed tools and Linux kernel emulation code to handle the myriad incompatibilities. These incompatibilities require the ability to resolve symbol conflicts, emulate internal Linux kernel data structures, handle module initialization, and generate module dependencies. With our method, we show that converting Linux device drivers is possible, but has a few technical difficulties. Issues arise with sparse documentation, external user interfaces, and modular driver implementations. There are also fundamental differences between the two operating systems, such as interrupt and DMA handling. We describe each of these issues and their current solutions to build a functional driver in the Solaris environment. Using the IOzone file system benchmark, we also demonstrate comparable performance between our generated SCSI driver set and their corresponding native counterparts. Copyright © 2006 John Wiley & Sons, Ltd.     

基于Linux的超算系统中Windows应用程序运行环境探究

超算系统大多是基于Linux操作系统搭建的,限制了基于Windows操作系统的应用软件使用。此外,超算系统操作的高门槛使不熟悉Linux操作系统的用户望而却步,造成超算系统用户流失。基于Linux超算系统环境,探索兼顾超算系统运维管理便利性的Windows应用程序使用方法。研究通过X11转发、Wine和虚拟化等技术,为用户提供兼容超算作业调度系统Windows应用程序运行环境,同时提供安全、稳定的用户个人文件访问方法。所采用的配置方法与实例,可为具有类似需求的超算中心提供解决方案,从而拓宽用户软件应用范围,提高用户满意度。     

利用DLL在UG16.0微机版中构造用户界面

UG软件是目前流行的优秀的CAD／CAM集成软件。但由于是从Unix移植而来,微机版的用户界面开发基本上仍遵从于Motif开发接口,在Windows环境下的用户界面开发上不方便,风格不统一。详细分析了UG16．0的开发接口,提出了在VC环境下利用动态链接库构建UO应用程序界面的方法,并予以实现,取得了较满意的效果。     

Internet域名服务器创建与配置探讨

域名服务器是因特网提供的主要服务之一,本文介绍域名服务器的原理并结合因特网站点讨论了WindowsNT、Linux、Unix操作系统下如何建立域名服务器和具体的配置方法与特点。     

平台无关的访问控制框架研究与实现

为了使开发的访问控制模块可以在不同的平台上实施,通过总结不同平台异同点以及现有安全系统中访问控制实现方法,抽象出访问控制机制对平台的依赖,设计了一个平台无关灵活的访问控制框架PIFAC,且已经被实施在Windows、Linux以及Rtems系统上。     

PARMON: a portable and scalable monitoring system for clusters

Workstation/PC clusters have become a cost‐effective solution for high performance computing. C‐DAC's PARAM 10000 (or OpenFrame, internal code name) is a large cluster of high‐performance workstations interconnected through low‐latency and high bandwidth networks. The management and control of such a huge system is a tedious and challenging task since workstations/PCs are typically designed to work as a standalone system rather than part of a cluster. We have designed and developed a tool called PARMON that allows effective monitoring and control of large clusters. It supports the monitoring of critical system resource activities and their utilization at three different levels: entire system, node and component level. It also allows the monitoring of multiple instances of the same component; for instance, multiple processors in SMP type cluster nodes. PARMON is a portable, flexible, interactive, scalable, location‐transparent, and comprehensive environment based on client–server technology. The major components of PARMON are parmon‐server—system resource activities and utilization information provider and parmon‐client—a GUI based client responsible for interacting with parmon‐server and users for data gathering in real‐time and presenting information graphically for visualization. The client is developed as a Java application and the server is developed as a multithreaded server using C and POSIX/Solaris threads since Java does not support interfaces to access system internals. PARMON is regularly used to monitor PARAM 10000 supercomputer, a cluster of 48+ Ultra‐4 workstations powered by the Solaris operating system. The recent popularity of Beowulf‐class clusters (dedicated Linux clusters) in terms of price–performance ratio has motivated us to port PARMON to Linux (accomplished by porting system dependent portions of parmon‐server). This enables management/monitoring of both Solaris and Linux‐based clusters (federated clusters) through a single user interface. Copyright © 2000 John Wiley & Sons, Ltd.     

基于Windows系统的入侵证据收集研究

目前,世界各国对计算机取证技术进行了大量的研究与实践,但是大多数都是基于Linux(Unix)系统的计算机取证技术研究,而Windows系统作为目前最常用的操作系统,尤其在我们国家大多数人都在使用,因此,研究windows系统上的入侵证据收集方法具有非常重要的现实意义。通过对Windows系统特性分析,给出显形证据与隐形证据的收集方法,以获取重要的入侵线索和结论。为解决计算机取证遇到的问题,打击计算机犯罪、保障国家信息安全做出贡献。     

Learning from experience: operating system vulnerability trends

Despite their failings, collections of vulnerability bulletins and incident reports still provide the best source for data that could give security engineering a quantitative basis. For this reason, we used vulnerability bulletins to extract statistics about the security of common products; specifically the diverse security characteristics of operating systems in the Windows, Unix, and Linux families. In many cases, the data that was available, rather than security engineering requirements, dictated which statistics we derived. Nevertheless, our findings provide interesting insights into how the various products differ and suggest which security mechanisms would most effectively protect different system designs.     

基于Socket的跨平台数据监测网络编程方法

在研究了Unix平台和Windows平台下网络编程技术的基础上,对Unix平台下开发的数据处理服务器采用异构平台监测方法,实现跨平台的网络编程,发挥了Unix和Windows两种操作系统各自的优点,实现低成本、高收益的服务器功能扩展.