首页 | 本学科首页   官方微博 | 高级检索  
     

中国科学院SAMP系统的加密通信
引用本文:肖欧,尹震宇.中国科学院SAMP系统的加密通信[J].计算机系统应用,2016,25(5):19-27.
作者姓名:肖欧  尹震宇
作者单位:中国科学院大学, 北京 100049;中国科学院 沈阳计算技术研究所, 沈阳 110168,中国科学院 沈阳计算技术研究所, 沈阳 110168
基金项目:"数控系统功能安全技术研究"国家科技重大专项(2014ZX04009031)
摘    要:中科院仪器设备共享管理平台(Apparatus and Equipment Sharing Management Platform of Chinese Academy of Sciences,以下简称SAMP)在通信过程中,存在重要数据在传输时没有加密、可能会接收到第三方恶意数据等数据通信安全问题,导致SAMP系统可能存在数据被窃取、收到的数据不安全等威胁.针对这些问题,结合SAMP系统的特点以及其通信数据的特征,将基于Axis2 Rampart模块的WS-Security数字签名和加密技术应用于SAMP数据通信安全问题.本文首先简单介绍了Axis2框架、数字签名和加密技术、Axis2 Rampart模块加密原理,然后基于Axis2 Rampart模块,采用数字签名+口令+非对称加密的WS-Security通信安全方案,对SAMP系统网络之间的数据传输接口进行封装,实现了消息传输的签名、认证和加密、解密过程,最后测试并分析对比了使用安全方案前和使用安全方案后,SAMP的Web Services数据传输接口的响应处理时间和CPU占用率.实验结果表明:使用Axis2 Rampart模块+数字签名+口令+加密来保证SAMP系统的数据通信安全问题具有高安全性、高可扩展性和高响应处理速度,符合实际应用需求,也能够广泛的推广到其他企业Web应用中去.

关 键 词:WS-Security  Axis2  Rampart  签名与加密  模块扩展  SAMP
收稿时间:2015/9/18 0:00:00
修稿时间:2015/10/26 0:00:00

Communication Encryption of Axis2 in Apparatus and Equipment Sharing Management System of Chinese Academy of Sciences
XIAO Ou and YIN Zhen-Yu.Communication Encryption of Axis2 in Apparatus and Equipment Sharing Management System of Chinese Academy of Sciences[J].Computer Systems& Applications,2016,25(5):19-27.
Authors:XIAO Ou and YIN Zhen-Yu
Affiliation:University of Chinese Academy of Science, Beijing 100049, China;Shenyang Institute of Computing Technology, Chinese Academy of Science, Shenyang 110168, China and Shenyang Institute of Computing Technology, Chinese Academy of Science, Shenyang 110168, China
Abstract:Considering these security problems of data transmission such as some import data is transited without encryption, malicious data might be received from a third part in Apparatus And Equipment Sharing Management Platform of Chinese Academy of Sciences (SAMP), SAMP system may result these threats of data theft and data receive insecurity. To solve these problems, combined with the characteristics of SAMP System and its features of data transmission, the technologies of digital signature and encryption of WS-Security based on the Axis2 Rampart module are applied to the issue of data communication security of SAMP System. Firstly, the Axis2 framework, digital signature, encryption technology and the encryption principle of Axis Rampart module are introduced by this paper briefly. After that, encapsulate the data transmission interface of SAMP System by using a data transmission security solution, which uses a combination of digital signature + password + asymmetric encryption of WS-Security. It implements the signature, authentication, encryption and decryption process of message transmission. Finally, it also tests and analyzes the processing time of the response and CPU usage of data transmission interface in SAMP System. The experiment results show that by using the combination technology of Axis2 Rampart module + digital signature + password + encrypt, it can ensure that the security issue of data transmission of SAMP system has a high security, high scalability and high response speed, meet the demand of practical application, and be widely promoted to other Web Application of Enterprise.
Keywords:WS-Security specification  Axis2  Rampart  signature and encryption  modular extension  SAMP
点击此处可从《计算机系统应用》浏览原始摘要信息
点击此处可从《计算机系统应用》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号