本文選題：Web服務(wù)組合 + BPEL安全��； 參考：《北京郵電大學(xué)》2014年碩士論文

【摘要】：隨著云計(jì)算和Web服務(wù)技術(shù)的持續(xù)升溫,Web服務(wù)組合也逐漸成為業(yè)界關(guān)注的重點(diǎn)。Web服務(wù)組合是一系列相互獨(dú)立的Web服務(wù)構(gòu)件的聚集,是將多個(gè)Web服務(wù)進(jìn)行組合創(chuàng)建而形成的新的業(yè)務(wù)流程。BPEL是一種基于XML的業(yè)務(wù)流程描述語(yǔ)言,用于描述Web服務(wù)組合業(yè)務(wù)流程內(nèi)部各Web服務(wù)構(gòu)件之間的相互邏輯關(guān)系。BPEL可以把各個(gè)獨(dú)立的Web服務(wù)通過(guò)邏輯控制結(jié)構(gòu)來(lái)進(jìn)行有機(jī)組合,讓它們共同協(xié)作完成復(fù)雜的商業(yè)邏輯,實(shí)現(xiàn)特定的功能。 BPEL業(yè)務(wù)流程具有松耦合性,其在執(zhí)行過(guò)程中所調(diào)用的Web服務(wù)構(gòu)件大部分都是分布于云上的獨(dú)立功能實(shí)體,因此業(yè)務(wù)開發(fā)人員對(duì)這些服務(wù)構(gòu)件并沒有實(shí)際的控制權(quán),更無(wú)法預(yù)見BPEL業(yè)務(wù)流程在執(zhí)行過(guò)程中可能遇到的異常和錯(cuò)誤。此外,復(fù)雜多變的網(wǎng)絡(luò)通信狀況以及BPEL流程的邏輯缺陷都有可能導(dǎo)致其在執(zhí)行時(shí)出現(xiàn)異常,這些錯(cuò)誤在設(shè)計(jì)階段往往無(wú)法檢測(cè)出來(lái),只有當(dāng)BPEL流程真正部署到引擎中并執(zhí)行時(shí)才會(huì)發(fā)現(xiàn),而目前主流的BPEL引擎針對(duì)BPEL業(yè)務(wù)流程的執(zhí)行異常并沒有有效的檢測(cè)和監(jiān)控機(jī)制,這就為整個(gè)BPEL引擎埋下了安全隱患。 本文設(shè)計(jì)并實(shí)現(xiàn)了一種面向BPEL的業(yè)務(wù)安全執(zhí)行環(huán)境,該業(yè)務(wù)安全執(zhí)行環(huán)境將靜態(tài)檢測(cè)和動(dòng)態(tài)監(jiān)控相結(jié)合,通過(guò)業(yè)務(wù)部署的靜態(tài)檢測(cè)、實(shí)例狀態(tài)的動(dòng)態(tài)監(jiān)控和流程信息的動(dòng)態(tài)監(jiān)控,及時(shí)發(fā)現(xiàn)BPEL引擎中存在安全威脅的流程和實(shí)例,并作出預(yù)警和控制動(dòng)作,實(shí)時(shí)保證整個(gè)執(zhí)行環(huán)境的安全穩(wěn)定。此外,為了適應(yīng)云計(jì)算時(shí)代分布式部署的架構(gòu),業(yè)務(wù)安全執(zhí)行環(huán)境采用Spring框架進(jìn)行構(gòu)建,既可以內(nèi)嵌BPEL引擎實(shí)現(xiàn)本地一對(duì)一的監(jiān)控,也可以通過(guò)配置安全策略文件實(shí)現(xiàn)一對(duì)多的分布式監(jiān)控,具有良好的靈活性和擴(kuò)展性。 本文首先闡述了業(yè)務(wù)安全執(zhí)行環(huán)境提出的背景和意義,并針對(duì)其所涉及的相關(guān)技術(shù)進(jìn)行了簡(jiǎn)單介紹。接著從系統(tǒng)整體目標(biāo)和典型業(yè)務(wù)場(chǎng)景出發(fā),進(jìn)行了需求分析和關(guān)鍵問(wèn)題的研究。根據(jù)分析和研究的結(jié)論,對(duì)業(yè)務(wù)安全執(zhí)行環(huán)境的整體架構(gòu)進(jìn)行了設(shè)計(jì),并重點(diǎn)闡述了關(guān)鍵模塊和算法的實(shí)現(xiàn)。最后搭建原型系統(tǒng)進(jìn)行測(cè)試,驗(yàn)證了業(yè)務(wù)安全執(zhí)行環(huán)境的有效性和可靠性,并指出了需要進(jìn)一步研究和完善的地方。
[Abstract]:With the continuous warming of cloud computing and Web services technology, the composition of web services has gradually become the focus of the industry. The composition of web services is a collection of independent Web service components.A new business process. BPEL is a business process description language based on XML, which is a combination of multiple Web services.It is used to describe the logical relationship among the Web service components within the Web services composition business process. BPEL can combine each independent Web service through the logical control structure to make them work together to complete the complex business logic.Implement specific functions.BPEL business processes are loosely coupled, and most of the Web service artifacts invoked during execution are independent functional entities distributed in the cloud, so business developers have no actual control over these service components.It is also impossible to foresee the exceptions and errors that BPEL business processes may encounter during execution.In addition, complex and changeable network communication conditions and logical flaws in BPEL processes can lead to exceptions at execution, which are often not detected at design time.Only when the BPEL process is deployed to the engine and executed can it be found that the current mainstream BPEL engine does not have an effective detection and monitoring mechanism for the execution exception of the BPEL business process which has laid a security hazard for the whole BPEL engine.In this paper, we design and implement a service security execution environment for BPEL, which combines static detection with dynamic monitoring.The dynamic monitoring of instance state and the dynamic monitoring of process information can detect the process and instance of security threat in the BPEL engine in time, and make early warning and control actions to ensure the security and stability of the whole execution environment in real time.In addition, in order to adapt to the distributed deployment architecture in the cloud computing era, the business security execution environment is constructed with Spring framework, which can be built into BPEL engine to realize local one-to-one monitoring.One-to-many distributed monitoring can also be implemented by configuring security policy files with good flexibility and extensibility.In this paper, the background and significance of business security execution environment are introduced, and the related technologies are briefly introduced.Then, the requirement analysis and the research of key problems are carried out on the basis of the overall goal and the typical business scenario of the system.According to the conclusion of the analysis and research, the overall architecture of the business security execution environment is designed, and the implementation of the key modules and algorithms is emphasized.Finally, a prototype system is built for testing, which verifies the validity and reliability of the business security execution environment, and points out that further research and improvement are needed.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.09

【參考文獻(xiàn)】

相關(guān)期刊論文 前3條

1 張華;王茜;;面向服務(wù)工作流補(bǔ)償機(jī)制的研究與實(shí)現(xiàn)[J];東南大學(xué)學(xué)報(bào)(自然科學(xué)版);2009年01期

2 陳勝;鮑亮;陳平;胡圣明;王萌;;BPEL流程數(shù)據(jù)競(jìng)爭(zhēng)和死鎖檢測(cè)算法研究[J];西安電子科技大學(xué)學(xué)報(bào);2008年06期

3 劉麗;況曉輝;方蘭;許飛;;Web服務(wù)故障的分類方法[J];計(jì)算機(jī)系統(tǒng)應(yīng)用;2010年08期

相關(guān)博士學(xué)位論文 前1條

1 尚宗敏;智能流程異常處理的若干關(guān)鍵技術(shù)研究[D];山東大學(xué);2009年

，

本文編號(hào)：1755469