本文選題：SOA + UDDI��； 參考：《沈陽理工大學(xué)》2017年碩士論文

【摘要】：隨著技術(shù)的不斷革新,各行各業(yè)的服務(wù)不斷涌現(xiàn)出來,使得服務(wù)的集成業(yè)務(wù)成為了主流趨勢(shì)。在這種情況下,具有良好耦合性,跨平臺(tái)性的面向服務(wù)架構(gòu)SOA(Service Oriented Architecture)應(yīng)用而生,很好的解決了系統(tǒng)的靈活性和互操作性問題,提高了服務(wù)的集成業(yè)務(wù)。而在實(shí)現(xiàn)SOA架構(gòu)的過程中,Web Service作為最佳實(shí)現(xiàn)方法,包含了XML、SOAP、UDDI和WSDL等技術(shù),其中UDDI服務(wù)注冊(cè)中心作為SOA架構(gòu)的樞紐,實(shí)現(xiàn)了信息交互,很好地提升了系統(tǒng)的服務(wù)發(fā)布、查詢和集成的性能。然而,UDDI安全性問題卻日益凸顯,成為了約束UDDI服務(wù)注冊(cè)中心發(fā)展的一個(gè)重要原因,進(jìn)而影響SOA的發(fā)展。因此分析UDDI機(jī)制及其脆弱性,對(duì)被攻擊系統(tǒng)進(jìn)行效果評(píng)估具有重要意義。本文在研究面向服務(wù)架構(gòu)SOA的特性和結(jié)構(gòu)的基礎(chǔ)上,闡述了SOA的最佳實(shí)現(xiàn)方法Web Service,分析了其主要的XML、SOAP、UDDI和WSDL技術(shù),重點(diǎn)分析了UDDI技術(shù)的標(biāo)準(zhǔn)規(guī)范和邏輯結(jié)構(gòu)。從思想、結(jié)構(gòu)和交互三方面設(shè)計(jì)了基于Web Service的集中式UDDI和分布式UDDI系統(tǒng)模型,實(shí)現(xiàn)了指控服務(wù)的身份認(rèn)證、服務(wù)發(fā)布和服務(wù)查詢。由于UDDI存在脆弱性,導(dǎo)致系統(tǒng)易受攻擊,需對(duì)其進(jìn)行效果評(píng)估,具體闡述了評(píng)估流程。結(jié)合權(quán)重確定法和兩種評(píng)估方法,最終建立了基于層次分析法及模糊綜合評(píng)估法的評(píng)估模型、基于層次分析法及灰色綜合評(píng)估法的評(píng)估模型、基于熵賦權(quán)法及模糊綜合評(píng)估法的評(píng)估模型、基于熵賦權(quán)法及灰色綜合評(píng)估法的評(píng)估模型、基于綜合賦權(quán)法及模糊綜合評(píng)估法的評(píng)估模型和基于綜合賦權(quán)法及灰色綜合評(píng)估法的評(píng)估模型。針對(duì)UDDI系統(tǒng),選取三種拒絕服務(wù)攻擊類對(duì)系統(tǒng)攻擊,根據(jù)UDDI系統(tǒng)受攻擊時(shí)的性能與功能的改變,建立了具有針對(duì)性的效果評(píng)估指標(biāo),并通過實(shí)驗(yàn)數(shù)據(jù)的采集,分析及計(jì)算,對(duì)六種評(píng)估模型進(jìn)行驗(yàn)證,從而驗(yàn)證評(píng)估模型的有效性和穩(wěn)定性。
[Abstract]:With the continuous innovation of technology, services in various industries are emerging, making service integration business become the mainstream trend. In this case, the application of SOA(Service Oriented Architecture, which has good coupling and cross-platform, solves the problems of system flexibility and interoperability, and improves the service integration business. In the process of implementing SOA architecture, web Service is the best method, including XML soap Uddi and WSDL, among which UDDI service register center, as the hub of SOA architecture, realizes information exchange and improves the service publishing of the system. Query and integration performance. However, the security problem of Uddi is becoming more and more prominent, which has become an important reason for constraining the development of UDDI services registry, thus affecting the development of SOA. Therefore, it is of great significance to analyze the UDDI mechanism and its vulnerability and evaluate the effectiveness of the attacked system. On the basis of studying the characteristics and structure of SOA, this paper expounds the best implementation method of SOA, Web Service, analyzes its main XML soap Uddi and WSDL technologies, and emphatically analyzes the standard specification and logical structure of UDDI technology. This paper designs a centralized UDDI and distributed UDDI system model based on Web Service from three aspects of idea, structure and interaction, and realizes the identity authentication, service publishing and service query of the command service. Due to the vulnerability of UDDI, the system is vulnerable to attack. Combined with the weight determination method and two evaluation methods, the evaluation model based on AHP and fuzzy comprehensive evaluation method, and the evaluation model based on AHP and grey comprehensive evaluation method are established. The evaluation model is based on entropy weighting method and fuzzy comprehensive evaluation method, and based on entropy weighting method and grey comprehensive evaluation method. The evaluation model based on comprehensive weight method and fuzzy comprehensive evaluation method, and the evaluation model based on comprehensive weight method and grey comprehensive evaluation method. For UDDI system, three kinds of denial-of-service attack classes are selected to attack the system. According to the change of the performance and function of UDDI system under attack, a targeted effect evaluation index is established, and the collection, analysis and calculation of experimental data are carried out. Six evaluation models are validated to verify the effectiveness and stability of the evaluation models.
【學(xué)位授予單位】：沈陽理工大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2017
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 姜俊;孫中平;王昌佐;游代安;曹飛;張雪;;面向服務(wù)架構(gòu)的高分環(huán)境應(yīng)用示范平臺(tái)[J];環(huán)境與可持續(xù)發(fā)展;2016年04期

2 劉永慶;;一種基于SOA架構(gòu)的訪問控制安全服務(wù)模型研究[J];網(wǎng)絡(luò)安全技術(shù)與應(yīng)用;2016年05期

3 劉永丹;;基于SOA的軍事信息系統(tǒng)動(dòng)態(tài)集成研究[J];無線互聯(lián)科技;2015年18期

4 丁建定;任志強(qiáng);;基于模糊層次綜合評(píng)估法的養(yǎng)老保險(xiǎn)基金投資風(fēng)險(xiǎn)研究[J];社會(huì)科學(xué)輯刊;2015年03期

5 馮靖翔;李生林;;基于平衡計(jì)分卡的軍事信息系統(tǒng)評(píng)價(jià)指標(biāo)設(shè)計(jì)[J];自動(dòng)化與儀器儀表;2015年03期

6 溫偉強(qiáng);;網(wǎng)絡(luò)攻擊技術(shù)與網(wǎng)絡(luò)安全探析[J];網(wǎng)絡(luò)安全技術(shù)與應(yīng)用;2015年01期

7 潘齊欣;唐型基;唐林海;;Web應(yīng)用程序界面設(shè)計(jì)框架技術(shù)研究[J];計(jì)算機(jī)光盤軟件與應(yīng)用;2014年22期

8 Jinfu Chen;Huanhuan Wang;Dave Towey;Chengying Mao;Rubing Huang;Yongzhao Zhan;;Worst-Input Mutation Approach to Web Services Vulnerability Testing Based on SOAP Messages[J];Tsinghua Science and Technology;2014年05期

9 周輝;潘祖烈;陳仲明;;淺談無線網(wǎng)絡(luò)攻擊技術(shù)與防范措施[J];電腦知識(shí)與技術(shù);2014年08期

10 王龍;張亮;;基于擴(kuò)展WSDL行為描述的Web服務(wù)組合[J];計(jì)算機(jī)工程;2014年01期

相關(guān)碩士學(xué)位論文 前8條

1 王松;面向WebService的網(wǎng)絡(luò)攻擊效果評(píng)估技術(shù)的研究[D];沈陽理工大學(xué);2016年

2 黃永亮;基于UDDI的教育云信息共享關(guān)鍵技術(shù)研究[D];北京交通大學(xué);2015年

3 代月;基于SOA指揮控制系統(tǒng)的UDDI機(jī)制研究與實(shí)現(xiàn)[D];沈陽理工大學(xué);2015年

4 李孟潔;基于SOA和WebService的第四方物流信息平臺(tái)構(gòu)建與實(shí)現(xiàn)[D];蘭州交通大學(xué);2014年

5 朱貴麗;基于SOA的電子政務(wù)云頂層設(shè)計(jì)模式研究與實(shí)現(xiàn)[D];曲阜師范大學(xué);2014年

6 蘇廣楠;面向SOA系統(tǒng)的攻擊效能評(píng)估技術(shù)研究[D];沈陽理工大學(xué);2014年

7 閆鵬莉;基于移動(dòng)通信的電子商務(wù)平臺(tái)的設(shè)計(jì)與實(shí)現(xiàn)[D];電子科技大學(xué);2013年

8 王怡然;基于UDDIV3的服務(wù)注冊(cè)中心客戶端的研究、實(shí)現(xiàn)及智能改進(jìn)[D];北京郵電大學(xué);2011年

，

本文編號(hào)：1795101