Research on a Security Framework Based on Authentication, Authorization and Responsibility Identification in ASCMS
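Abstract
With the globalization of markets; the shift of enterprises toward conglomerate, networked, chain-store and global forms; the formation of alliances and integration among manufacturing and distribution enterprises; the individualization of customer demand; and the rapid advance of information technologies such as the Internet and distributed object technology, agile supply chain technology and systems are receiving growing attention from the scientific and business communities and have become a research hotspot in China and abroad. To respond quickly to changes in the external environment, enterprises are using the Internet to build their own agile supply chain management systems. At present, the security of agile supply chain management systems has become one of the key factors affecting whether an enterprise is competitive in the market.
     This work stems from the National Development and Reform Commission project for revitalizing the old industrial base in the Northeast, "Automobile Parts Network Manufacturing Platform". This thesis studies the current state of development of agile supply chain management systems in China and abroad and their security problems, and designs a security framework with good security for such systems. The framework facilitates the integration of enterprise information systems and implements certificate-based identity authentication, domain-based access control and after-the-fact responsibility identification, improving the security of enterprise agile supply chain management systems and speeding up supply chain system reconfiguration. Finally, the proposed security framework is implemented with J2EE and EJB technology and tested, verifying its correctness and effectiveness.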
To respond rapidly to continuous market change and sustain competitiveness, products must reach the customers who most need them in the shortest time, with the best quality and at the lowest cost. Meanwhile, to respond quickly to changes in the external environment, numerous enterprises are setting up their own agile supply chain management systems (ASCMS) over the Internet. At present, the security of ASCMS has become one of the key factors affecting business competitiveness.
     This thesis focuses on designing a more secure security framework that addresses the current state of development and the existing security problems of ASCMS. The main contributions of this security framework are certificate-based authentication, domain-based access control and responsibility identification, which help to enhance the security of the entire enterprise ASCMS and speed up the reconfiguration of the supply chain system. The work stems from the project "Automobile Parts Network Manufacturing Platform (APNM)", which is supported by the State Development and Reform Commission to revitalize the old industrial base in the Northeast. The thesis is organized as follows:
     This thesis starts by discussing supply chain management. A supply chain management system is a dynamic network comprising suppliers, manufacturers, transporters and sellers. It is a typical distributed system that can be reconstructed rapidly when a dynamic alliance forms and adjusted when the alliance dissolves. Because of the complexity and dynamic nature of ASCMS, studies of its security issues are rare, both in China and abroad. However, security is key to the real-world application of ASCMS. It is therefore the main research content of this thesis: we construct a security architecture for ASCMS based on authentication and authorization and on responsibility identification, and carry out a simulation design for the Auto Parts Network Manufacture platform system.
     Although the application of supply chain systems in China is still at an early stage, it has become more and more important since China's entry into the World Trade Organization (WTO). Many domestic scholars have made extensive studies in this area. The security of ASCMS mainly manifests in four aspects: trust, authorization, responsibility and data security. For these four aspects we propose a security framework and the corresponding solutions, which are: (1) a unified system integration platform, (2) authentication, (3) access control (including authorization and access control), (4) responsibility identification and security audit.
     We therefore design a security framework for ASCMS. In this thesis we introduce the relevant theory of authentication, access control and responsibility identification in turn, and apply these three technologies in our security framework. Authentication is mainly used to validate the authenticity of the identity of the information sender, including the authentication and identification of senders and receivers. The basic methods of identity authentication are password-based authentication, Kerberos authentication, authentication based on digital certificates, and biometrics. Authentication, integrity validation and non-repudiation are the three main purposes of authentication. In ASCMS we use PKI (Public Key Infrastructure) and bidirectional certificate authentication based on SSL, which provides identity authentication and non-repudiation. Meanwhile, the communication process is encrypted, which ensures integrity validation of the data.
     Access control is a technology that explicitly permits or restricts the capability and scope of access. Through access control services, access to critical resources can be restricted, which helps to prevent intrusion by unauthorized users and damage caused by the inadvertent operations of legitimate users. In the APNM system, different enterprises, different sectors and different employees have different access privileges to different resources, so a powerful access control model is required to manage the various access privileges to different records in the same table. The traditional access control model designates a privilege as the operating privilege of a user or a role on an object, which cannot cope with such a large number of objects, users and roles. In this thesis, building on the role-based access control model, we introduce a concept called the domain, which frees us from the limits of the system framework and makes the division of access control scope more flexible. A domain is an abstract organizational unit in the APNM platform system. A domain can be a project, a group, or any administrative unit (a department or an enterprise). With domains we can establish a multi-layered access control strategy, which makes the design of access control more flexible, keeps the number of authorizations small, and satisfies the requirements of granting users minimum privileges and of a transparent access control strategy in the APNM platform system.
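The following sketch is an added illustration of the domain idea described above; it is not code from the thesis. The role table, the domain names and the rule that a role held in a domain also covers the domains nested inside it are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Domain:
    name: str
    parent: Optional["Domain"] = None

    def chain(self):
        """Yield this domain, then each enclosing domain up to the root."""
        d = self
        while d is not None:
            yield d
            d = d.parent

# Hypothetical role -> operation table; roles are defined once, not per object.
ROLE_OPS = {
    "buyer": {"read", "create"},
    "auditor": {"read"},
}

class DomainPolicy:
    def __init__(self):
        self.grants = {}  # (user, domain name) -> roles held in that domain

    def assign(self, user, domain, role):
        self.grants.setdefault((user, domain.name), set()).add(role)

    def allowed(self, user, op, domain):
        # Assumption: a role held in a domain also covers domains nested in it.
        for d in domain.chain():
            for role in self.grants.get((user, d.name), ()):
                if op in ROLE_OPS.get(role, ()):
                    return True
        return False  # default deny: no grant on the chain, no access

    def visible(self, user, op, rows):
        """Row-level filter: keep rows whose owning domain permits op."""
        return [r["id"] for r in rows if self.allowed(user, op, r["domain"])]

# Constructed sample: two enterprises sharing one ORDERS table.
ENT_A = Domain("enterprise-a")
PURCHASING = Domain("a-purchasing", ENT_A)
PROJECT_X = Domain("a-project-x", PURCHASING)
SALES = Domain("a-sales", ENT_A)
ENT_B = Domain("enterprise-b")
ORDERS = [
    {"id": 1, "domain": PROJECT_X}, {"id": 2, "domain": SALES},
    {"id": 3, "domain": ENT_B}, {"id": 4, "domain": PURCHASING},
]

def build_policy():
    p = DomainPolicy()
    p.assign("alice", PURCHASING, "buyer")   # department-level grant
    p.assign("bob", ENT_A, "auditor")        # enterprise-level grant
    return p
```

Two grants cover every record in the sample table, and a grant never flows upward or across enterprises.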
     Responsibility is a very important feature of information security. A system should be able to keep records of sensitive operations so that the relevant responsible person can be traced and identified. Currently, responsibility is achieved through security audit. Security audit not only helps to monitor the activities of internal and external network users, to identify, record, store and analyze information about security-related activities, and to warn of and respond to emergencies, but also, by recording system incidents, provides an important basis for subsequent handling and evidence of network crime and breaches. The APNM platform is based on the J2EE architecture and is deployed on the WebLogic 8.0 server; the back-end data is maintained in an Oracle database. We draw on the audit facility provided by WebLogic 8.0, combined with Oracle's audit function, to achieve auditing in ASCMS, namely responsibility.
     Finally, using J2EE and EJB technology, we implement the ASCMS security framework proposed in this thesis, complete the testing of the framework, and demonstrate its validity and effectiveness. Identity authentication in the agile supply chain management system is implemented as follows: bidirectional authentication between client and server is carried out through a trusted third-party certification institution, using the third-party SSL certificate authentication protocol. This guarantees the authenticity of the identities of logged-in users and of servers. Access control is implemented as follows: by introducing the concept of a domain, user access control becomes more granular, which ensures that different users have different access control privileges and that information cannot be accessed by unauthorized third parties. Responsibility and security audit are implemented as follows: WebLogic 8.0 audits information and records not only all authentication activities but also all user operations and accesses to the modules of the system. Each record keeps the time at which the event took place, so that users cannot deny it. The Oracle 9i Audit View records user operations on the database, including the database session ID, detailed client information, timestamps and so on, which users likewise cannot deny. Combining the WebLogic 8.0 audit information with the Oracle 9i Audit View information makes it possible to confirm when users visited the application, which modules of the system they visited, when they accessed the database and which operations they performed on it, and that the times are identical. As users are unable to deny their actions, the system achieves responsibility.
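The cross-check between the application-server audit and the database audit described above can be expressed as a join on user and time. The sketch below is an added example, not code from the thesis; the record layouts, the sample records and the 5-second tolerance are constructed for illustration, and it assumes the database audit record carries the identity of the application user.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed application-server audit records: (time, user, module accessed).
APP_AUDIT = [
    ("2008-03-01 09:01:10", "alice", "orders/update"),
    ("2008-03-01 09:05:30", "bob", "inventory/view"),
]
# Constructed database audit records: (time, session id, client user, action, object).
DB_AUDIT = [
    ("2008-03-01 09:01:11", 4101, "alice", "UPDATE", "ORDERS"),
    ("2008-03-01 09:20:45", 4102, "bob", "DELETE", "ORDERS"),
    ("2008-03-01 09:30:00", 4103, "dave", "SELECT", "SUPPLIERS"),
]

def correlate(app_audit, db_audit, tolerance_s=5):
    """Attach to each database operation the module access that caused it.

    A match needs the same user and an application record at most
    tolerance_s seconds before the database record. Unmatched operations
    come back with module=None: they cannot be attributed through the
    application tier and need review.
    """
    tol = timedelta(seconds=tolerance_s)
    by_user = {}
    for ts, user, module in app_audit:
        by_user.setdefault(user, []).append((datetime.strptime(ts, FMT), module))
    out = []
    for ts, session, user, action, obj in db_audit:
        t = datetime.strptime(ts, FMT)
        # Latest module access by this user inside the tolerance window.
        hits = [(at, m) for at, m in by_user.get(user, [])
                if timedelta(0) <= t - at <= tol]
        module = max(hits)[1] if hits else None
        out.append({"session": session, "user": user, "action": action,
                    "object": obj, "time": ts, "module": module})
    return out

def unattributed(records):
    """Session ids of database operations with no application-tier evidence."""
    return [r["session"] for r in records if r["module"] is None]
```

A database operation with no matching application record is the case that weakens the responsibility claim, so it is the one worth alerting on.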