CN100353713C - Authentic remote service heat deploying method - Google Patents

Authentic remote service heat deploying method Download PDF

Info

Publication number
CN100353713C
CN100353713C CNB200510132536XA CN200510132536A CN100353713C CN 100353713 C CN100353713 C CN 100353713C CN B200510132536X A CNB200510132536X A CN B200510132536XA CN 200510132536 A CN200510132536 A CN 200510132536A CN 100353713 C CN100353713 C CN 100353713C
Authority
CN
China
Prior art keywords
service
execution
service container
deployer
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB200510132536XA
Other languages
Chinese (zh)
Other versions
CN1791024A (en
Inventor
怀进鹏
胡春明
孙海龙
刘万涛
许海东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Beijing University of Aeronautics and Astronautics
Original Assignee
Beihang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beihang University filed Critical Beihang University
Priority to CNB200510132536XA priority Critical patent/CN100353713C/en
Publication of CN1791024A publication Critical patent/CN1791024A/en
Application granted granted Critical
Publication of CN100353713C publication Critical patent/CN100353713C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a reliable remote service heat deploying method which comprises the following procedures: step 1, a deploying person dispatches service deploying requirements to a remote service container; step 2, the deploying person carries out the trust negotiation with the service container, when the negotiation is successful, step 3 is executed or else step 4 is executed; step 3, the service container executes heat deploying operation; step 4, the end. Safety is provided for the heat deployment of the remote service, the problem of the heat deployment of the remote service in SOA and relevant safety hazards are solved, convenience is provided for the user, the user's loss and efficiency reduction caused by restarting the service container for deploying service are avoided, and the problem that the trust relationship between the deploying person crossing the security domain and the service container can not be established under a network environment is solved by using the method provided by the present invention.

Description

Authentic remote service heat deploying method
Technical field
The present invention relates to a kind of remote service heat deploying method, especially a kind of authentic remote service heat deploying method that in network, is undertaken by the method for trust negotiation.
Background technology
SOA is the abbreviation of Service Oriented Architecture (Enterprise SOA).SOA is a component model, and it connects the different function units (being called service) of application program by definition excellent interface and contract between these services.Interface adopts neutral mode to define, and is independent of hardware platform, operating system and the programming language of the service of realization.This makes the service that is structured in the various systems to carry out alternately with a kind of unification and universal mode.
Requirement source to SOA makes professional IT system become more flexible in needs, to adapt to the change in the business.Relation by allowing strong definition and specific implementation flexibly still, IT system both can have been utilized the function of existing system, can prepare to make afterwards some again and change and satisfy needs mutual between them.
SOA itself is should be how with software organization's abstract concept together.It depends on more concrete idea and the technology that realizes and exist with the form of software with XML and Web service.In addition, it also needs the support of fail safe, tactical management, reliable news transmission and accounting system, thereby works effectively.
SOA is not limited to Web service.Other use WSDL directly to realize service interface and also can be included among the SOA by the agreement that XML message communicates.Such as, CORBA also can participate in SOA by using the new feature that can handle WSDL.
Wherein XML is the abbreviation of eXtensible Markup Language (extendible SGML).It is a kind of meta-tag language, promptly is used to define the language of other Languages.Its uses the reference format of simple and flexible, and the effective means of a data of description and swap data is provided for the application based on web.XML has described the grammer that is used to create other SGMLs.In other words, XML will illustrate how to begin and closure element, and the operable symbol kind of element term, how nested element, each element will comprise contents such as which characteristic.But XML itself does not stipulate each element and will use which element.
In recent years, the Web service technology is rapidly developed and uses, unified service registry, discovery, binding and the integration mechanism used towards Internet are provided, have become a kind of main mechanism that realizes interoperability under the wide area environment, and obtained the extensive approval of academia and industrial circle.
Web service (Web service) is based on network, distributed modular assembly, and it carries out specific task, follows concrete technical specification, and these standards make web service to carry out interoperability with other compatible assemblies.
Have three kinds of roles in the Web service architecture:
Service Provider (ISP): service externally is provided, and comes issuing service information by registration;
Service Register (service registry person): registration and positioning function that service is provided;
Service Requester (service requester): by Service Register inquiry required service, and by Service Provider binding service.
Web service Technology Need one cover standard realizes the establishment of distributed application program.Any platform all has its data representation method and type system, realize interoperability, and web servi ce technology must provide the standard set type system, is used for linking up the dissimilar systems of different platform, programming language and component model.These standards have at present:
XML: it is the basic format of expression data in the web service technology.The main advantage of XML be it both with platform independence, irrelevant with manufacturer again.
SOAP:SOAP is the abbreviation of Simple Object Acces s Protocol (Simple Object Access Protocol), calls the web service by transmitting soap message between ISP and the service requester.SOAP has defined the form of request and response message, is based upon on the XML, is a kind of simple packing method of cross-platform information exchange.
WSDL:WSDL is the abbreviation of Web Servi ce Descr i pt ion Language, and its purpose is to provide a description document based on XML with a kind of machine-readable mode for web serves, and is used to describe web service and operation thereof.
UDDI:UDDI is Universal Description, the abbreviation of Discovery and Integration.UDDI is a cover based on the realization standard criterion of Web, information registration center distributed, that provide for web service.Also comprising simultaneously one group makes web service registry that enterprise can provide self so that the realization standard of the access protocal that other enterprise can find.
Grid is a kind of Internet computation schema that rises gradually in recent years, its objective is for the dynamic Virtual Organization of structure on the Internet resources environment of distribution, isomery, autonomy, and portion realizes striding the resource-sharing and the resource collaboration in autonomous territory within it, satisfies effectively towards the complicated applications of the Internet demand to large-scale calculations ability and mass data processing.The dreamboat of grid computing is to make all resources on the network be easy to collaborative work, serves different grid application, and the realization resource is being striden sharing with integrated of using between tissue.Grid research comes from distributed unit and calculates, early stage grid research focus mostly on " computing power " resource share and integrated.The diversity of application resource is that grid research brings new opportunities and challenges at present, need grid to provide seamless sharing and integrated support to heterogeneous resource, these resources not only comprise physical resources such as calculating, storage, instrument and equipment, also comprise logical resources such as the network bandwidth and software service.The Web service technology is introduced the grid research field, help to solve the problems such as application integration, resource-sharing, interoperability of system and standardization that grid research institute faces.Calendar year 2001, people have proposed OGSA (Open Grid Service Architecture, OGSA), the interoperability model of Web service is incorporated in the grid research, has established the new abstract form and the structure foundation of Web service as gridding resource.Under the mesh services architecture, various resources such as all softwares, hardware, calculating, storage, network and equipment in the grid all are abstracted into the form of service, by the difference between the service shielding resource, thereby the isomerism of resource in the shielding grid effectively, sharing and collaboratively provide effective support for resource.On the GGF7 in March, 2003, OGSA has become the main flow direction of present grid research.Therefore, the Web service technology has greatly strengthened the interoperability of grid agreement and service, also provides a kind of unified function extension mechanism for grid application.The function that the field is relevant can extend in the grid system by introducing new application service, the consistent service interaction model of mutual then employing between the new service of introducing and other mesh services.This fusion has not only solved the interoperability problem between gridding resource, and makes the application of grid no longer be confined to science calculating aspect.
In the application of grid, service arrangement is an important link, and service arrangement is meant the good service of exploitation is loaded into service container, the process that it can be called by the user.The service arrangement of broad sense also comprises the anti-deployment of service, the process that the service of being about to unloads from service container, and the heavily deployment of service, the i.e. process of the service that renewal has been disposed.After heat was disposed and is meant that a service is deployed in the service container, configuration can be upgraded automatically, can invoked process thereby do not need the user to restart service container.Remote deployment is meant the process that the service that will dispose is transferred on the other long-range service container and implements to dispose.Service arrangement is a universal concept in the SOA framework, is not limited to Web service or service grid environment.
The notion of a software can be installed the notion of service arrangement with in computer carry out analogy.A software must at first be installed in the computer system before using; Equally, a service also must at first be deployed in the service container before can being called.Needing to restart computer system after the software installation that has could use, this has just brought some inconvenience to the user, in some cases, or even it is unacceptable, such as, on same computer, also have other user to land, so, restart system entails and can interrupt their work.Similar problem is also arranged in service arrangement, if just need restart container after having disposed a service, can be affected to calling all of other services so, therefore, it is essential that heat is deployed in the service arrangement.
There is the product of a lot of support Web services or service grid environment all to provide support to a certain extent at present to service arrangement.Apache Axis is that it need carry out the deployment that an order just can be finished Web service by one of the Apache organization development outstanding SOAP engine, and does not support heat to dispose and remote deployment.By the grid middleware GlobusToolkit 4 that the famous open source code of grid circle organizes Globus to release, mainly finish the operational management function of service, but it is to the support of service arrangement very imperfection.In Globus Toolkit, the service development personnel after carrying out service encapsulates, can only by loaded down with trivial details order line with service arrangement in service container, and newly deployed service can only just can come into force after service container is restarted.Globus Toolkit does not provide long-distance user's deployment services.Friese et al has proposed a kind of method that heat is disposed of carrying out in grid, in order to guarantee safety, this method has adopted the sandbox model, but has just limited the function of service like this.DistAnt has expanded Apache Ant, provides a kind of deployment of process type flexibly to describe, and has proposed a kind of remote thermal deployment solution based on Globus Toolkit3, but this scheme does not provide any security mechanism.Baude et al adopts ProActive (based on Java concurrent, distributed and mobile computing storehouse) to be write as a deployment scheme, but this realizations do not disposed and dynamically updated less than consideration is counter.
Because the wide area that SOA uses, the characteristic of distribution is faced with a lot of safety problems.At first, traditional access control technology is mainly authorized based on requesting party's identity, needs to set unified safety management domain.Yet, in open the Internet, because it is big to participate in the scale of main body quantity, the isomerism of running environment, characteristics such as the dynamic of moving target and independence, each resource main body during SOA uses often is under the jurisdiction of different authoritative management mechanisms, promptly be in the different security domains, security domain is a closed domain with centralized management authority and security strategy, each entity in the activity can be mapped as one or more subject identities of territory inner control, and the integration and cooperation of striding security domain belongs to the activity of organizing frequent variations, this exposes many weakness with regard to making based on the access control technology of identity striding that many security domains are authorized and seeming unable to do what one wishes during access control; Secondly, because the hidden danger of information security comes from many aspects, strange side broken the wall of mistrust all may reveal the sensitive information of interaction agent in the credential that relied on and the access control policy, the third party who trusts each other that is difficult between particularly strange side reach an agreement on again assists their relation of breaking the wall of mistrust.
The mode of the safety problem that traditional solution SOA uses has PKI, GSI etc., introduces respectively below:
PKI is the abbreviation of Public Key Infrastructure (PKIX).This is a kind of technology and standard of utilizing public key cryptography that one cover foundation for security platform is provided.The core part of PKI is CA (Certification Authority), the authentication authorization and accounting center, and it is the mechanism of signing and issuing of digital certificate.Digital certificate is an e-file that meets certain format, is used for discerning certificate holder's identity.The PKI technology adopts the certificate management PKI, by third-party trusted mechanism---the CA of authentication center bundles other identification informations (as title, e-mail etc.) of user's PKI and user, in Internet line verification user's identity.
But PKI needs a third-party trusted mechanism---the CA of authentication center, and for remote deployment, because each side may be in the different security domains, therefore is difficult to find out the third party CA that an each side all trusts; In addition, promptly enable to find a CA, if all set up cross-domain trusting relationship based on PKI in each execution remote deployment, cost is too high again.
GSI is the abbreviation of Grid Security Infrastructure (grid security infrastructure).It is the security mechanism that Globus Toolkit adopts.GSI is based on public key encryption, X.509 certificate and SSL standards such as (Secure Socket Layer, security socket layers).The main concept of GSI is a certificate, and each mesh services and user discern by certificate, and this certificate comprises and authenticates and discern this user or serve employed information.At present, Globus Toolkit has developed into the 4.x version, and the problem that security mechanism exists has: still lack a kind of access control mechanisms based on attribute; Management for safety still has very big burden, lack flexibility, thereby the safety management and the trust that can't satisfy the extensibility in the distributed network environment creates a mechanism; Use for extensive dynamic cooperative, particularly stride support that security domain uses not enough.Though supported similar MyProxy etc. to entrust mechanism and, lacked abundant support, dynamically set up complicated trust chain in the time of can not moving to the trust management technology based on the access control technology of attribute; GSI does not consider the method to the protection of main body sensitive information, can not keep the privacy information of service requester and destination service.
For remote service heat deploying, owing to lack suitable security mechanism, have following hidden danger: on the one hand, the deployer provides a service that comprises malicious code probably, thereby the container that will dispose is caused infringement; On the other hand, service container also may be swindled the deployer, thereby obtains some its information of not will be appreciated that.In addition, the security strategy of deployer and service container may be incompatible, and in the network environment of an opening, we can not suppose that deployer and service container can the relations of breaking the wall of mistrust in advance.
Summary of the invention
The present invention is directed to the defective of the security mechanism that shortage is suitable in the prior art medium-long range service heat deploying, a kind of authentic remote service heat deploying method is provided, provide safety guarantee by this method for the remote thermal deployment, the problem of SOA medium-long range service heat deploying and relevant potential safety hazard have been solved, have great convenience for the user, avoided restarting the loss that service container brings to the user and the reduction of efficient, solved the problem of the relation of breaking the wall of mistrust between the deployer that strides security domain under the network environment and the service container for deployment services.
For achieving the above object, the invention provides a kind of authentic remote service heat deploying method, comprise the steps:
Step 1, deployer send the service arrangement request to long-range service container;
Step 2, deployer and service container carry out trust negotiation, if consult successfully, then execution in step 3, otherwise, execution in step 4;
Step 3, described service container are carried out hot deployment operation;
Step 4, end.
Between described step 1 and step 2, can also be provided with
Step 11, deployer check whether be configured the trust bill, if, then execution in step 12, if not, then execution in step 2, wherein said trust bill is that deployer and service container carry out being obtained the key safety information of having stored trust negotiation in the described trust bill to the service container application by the deployer after the trust negotiation success;
Step 12, deployer submit to described service container with described trust bill, and described service container is verified described trust bill, if be proved to be successful then execution in step 3, if unsuccessful, then execution in step 2.
Described step 2 can be specially:
Step 21, described service container obtain the access control policy of deployment services and send to described deployer from configuration file;
Step 22, described deployer check whether self has the certificate that satisfies described access control policy, if having, then execution in step 23, if do not have, then execution in step 4;
Step 23, the described certificate that satisfies described access control policy is issued described service container;
Step 24, described service container are tested to certificate, if by check, then execution in step 3, if not by check, then execution in step 4.
Between step 22 and step 23, can also be provided with:
Step 22a, described deployer send the access control policy of checking described certificate to described service container;
Whether step 22b, described service container are checked the certificate that satisfies the access control policy check described certificate, if having, and execution in step 22c then, if do not have, then execution in step 4;
Step 22c, the described certificate that satisfies the access control policy check described certificate is sent to described deployer;
Step 22d, described deployer check the described certificate that satisfies the access control policy of checking described certificate, if by check, then execution in step 23, if not by check, then execution in step 4.
Described step 3 can be specially:
Step 31, described service container receive grid filing by the transmission of SOAP annex (GAR, GridArchive) file or from the ftp server the download grid archive file;
Step 32, described service container call the local disposition module and dispose described grid archive file.
Described step 32 can be specially:
Step 321, check whether the grid archive file exists, if there is no, then execution in step 4, if exist then execution in step 322;
Step 322, judge whether ANT (a kind of the build tool based on Java) environment is available, if unavailable, then execution in step 4, if available, then execution in step 323;
Step 323, call the ANT instrument grid archive file is deployed in the service container.
Between described step 2 and step 3, can also be provided with the operation of the grid archive file of anti-deployment appointment.
The operation of the grid archive file of wherein said anti-deployment appointment is specially:
Step 31a, judge whether the ANT environment is available, if unavailable, then execution in step 4, if available, execution in step 31b then;
Step 31b, call all configuration informations and the program file deletion that will be loaded into when the ANT instrument will be disposed the grid archive file of described appointment in the service container.
By method provided by the invention, for the remote thermal deployment provides safety guarantee, the problem of SOA medium-long range service heat deploying and relevant potential safety hazard have been solved, have great convenience for the user, avoided restarting the loss that service container brings to the user and the reduction of efficient, solved the problem of the relation of breaking the wall of mistrust between the deployer that strides security domain under the network environment and the service container for deployment services.
Below by drawings and Examples, technical scheme of the present invention is described in further detail.
Description of drawings
Fig. 1 is the flow chart of authentic remote service heat deploying method of the present invention;
Fig. 2 is the operation principle schematic diagram of ATN of the present invention;
Fig. 3 is the structural representation of service arrangement module of the present invention;
Fig. 4 is the flow chart of deployment services of the present invention;
Fig. 5 is the flow chart of anti-deployment services of the present invention;
Fig. 6 is the trust negotiation principle schematic of ROST of the present invention;
Embodiment
Referring to Fig. 1, it is the flow chart of authentic remote service heat deploying method of the present invention, comprises the steps:
Step 1, deployer send the service arrangement request to long-range service container;
Step 2, deployer and service container carry out trust negotiation, if consult successfully, then execution in step 3, otherwise, execution in step 4;
Step 3, described service container are carried out hot deployment operation;
Step 4, end.
Authentic remote service heat deploying (ROST, Remote ﹠amp; Hot Service Deployment withTrus twor thiness) comprise the implication of two aspects: the one, support the heat of serving to dispose and remote deployment; The 2nd, it is believable making this remote deployment process, promptly will provide effective security mechanism.
For achieving the above object, the present invention adopts following technical scheme: the form with web service in service container realizes a remote deployment service, be responsible for receiving the service that will dispose that transmits from the deployer, and this service arrangement in service container.Can to use behind the service arrangement and do not need to restart container, remote deployment service will realize that heat disposes function in order to make; In order to delete the service of having disposed in the service container, the remote deployment service also needs to provide anti-deployment function; For the service of having disposed in the update service container, the remote deployment service also needs to provide the function of heavily disposing.In order to guarantee the secure and trusted of remote deployment, before carrying out deployment, to carry out trust negotiation, adopt ATN (AutoTrust Negotiation among the present invention, automated trust negotiation) technology is carried out trust negotiation, referring to Fig. 2, it is the operation principle schematic diagram of ATN of the present invention, and wherein main body A is in two different security domains with main body B.ATN is meant the mutual disclosure by credential and access control policy, makes the provider of resource and the mechanism of requesting party's relation of breaking the wall of mistrust automatically.ATN is a kind of new technology of the control that conducts interviews in open environment, and it especially can protect sensitive information in the process of trust negotiation.Adopt the ATN technology, either party can be anonymous, thereby both sides can be according to the strategy exchange certificate relation of breaking the wall of mistrust separately.With respect to traditional mechanism, the ATN technology has following advantage:
1) the trusting relationship of the both sides in same security domain can not set up automatically according to attribute separately;
2) thus either party can formulate the visit of the strategy control of oneself to sensitive information;
3) do not need the third party except that the certificate issuer just can the relation of directly breaking the wall of mistrust.
Service arrangement is finished by the service arrangement module.Referring to Fig. 3, it is the structural representation of service arrangement module of the present invention, this module has deployment, heavily deployment, anti-deployment, heat deployment and remote deployment function, this module is the sequence of operations process at the file of grid archive format, and it comprises the local folders monitoring interface, disposes submodule, instead dispose submodule, heavily dispose submodule and container configuration parameter table; The local folders monitoring interface is used for the grid archive file that receiving remote transmits, and the file that receives is given dispose submodule, instead dispose submodule and heavily dispose submodule; Dispose submodule, instead dispose submodule and heavily dispose submodule on the basis of ANT technology, the grid archive file is disposed or instead disposed or heavily be deployed in the service container, in the process of carrying out these operations, the configuration of container can dynamically be upgraded; The remote grid archive file of described service arrangement module to receiving realized remote deployment based on the FTP/SOAP annex.
Usually, a grid archive file has comprised several files and the configuration information of supporting service operation, mainly comprises following content:
1) executive program of service logic is such as Java Class;
2) Fu Wu WSDL description document;
3) at the described service configuration information of service container WSDD (Web service DeploymentDescriptor, Web service deployment descriptor) document;
4) JNDI (Java Naming and Directory Interface, Java name and directory service interface) file is described the relevant information of serving employed WSRF resource;
5) secure configuration file of control of description service access and authorization message;
6) BPEL (Business processs Execution Language, the BPEL) file that composite services define is described;
7) alternative document is such as the document of describing illustrative.
Have only 1,2 and 3 to be essential in these files, they provide by the developer of service, and utilizing the Jar order among the Java is a grid archive file with all File Compress, the operation of grid archive file is finished the deployment of service by deployment services.
Participate in Fig. 4, it is the flow chart of deployment services of the present invention, comprises the steps:
Step 321, check whether the grid archive file exists, if there is no, then execution in step 4, if exist then execution in step 322;
Step 322, judge whether the ANT environment is available, if unavailable, then execution in step 4, if available, then execution in step 323;
Step 323, call the ANT instrument grid archive file is deployed in the service container, concrete work comprises decompression grid archive file, load Java Class execute file, resolve the WSDD configuration documentation and configuration information is loaded in the service container, duplicates wsdl document, resolves the JNDI configuration documentation;
Wherein ANT is a kind of the build tool based on Java, is used for the Java project is compiled packing, test, issue etc.
When needs are heavily disposed certain service, at first to instead dispose the grid archive file of appointment, and then dispose the grid archive file of appointment;
Referring to Fig. 5, it is the flow chart of anti-deployment services of the present invention, comprises the steps:
Step 31a, judge whether the ANT environment is available, if unavailable, then execution in step 4, if available, execution in step 31b then;
Step 31b, call all configuration informations and the program file deletion that will be loaded into when the ANT instrument will be disposed the grid archive file of appointment in the service container.
Long-range service arrangement can be undertaken by FTP mode and SOAP annex mode, and when carrying out remote deployment based on the FTP mode, deployment is:
Service container download grid archive file from the ftp server, described then service container calls the local disposition module and disposes described grid archive file.
When carrying out remote deployment based on SOAP annex mode, deployment is:
Service container receives the grid archive file by the transmission of SOAP annex, and service container calls local deployment module and disposes described grid archive file then.
In ROST, service container is before trusting the deployer, and it needs the deployer to show certificate and specifies some determinant attributes.On the other hand, as previously mentioned, may comprise sensitive information in certificate, therefore must formulate corresponding strategy protects these information.These strategies have specified certificate to be exposed to before the other side, and what condition the other side must satisfy.Therefore, trust negotiation mainly is exactly the process that exchanges certificate according to strategy separately.
The detailed process of the trust negotiation of step 2 of the present invention is
Step 21, described service container obtain the access control policy of deployment services and send to described deployer from configuration file;
Step 22, described deployer check whether self has the certificate that satisfies described access control policy, if having, then execution in step 23, if do not have, then execution in step 4;
Step 23, the described certificate that satisfies described access control policy is issued described service container;
Step 24, described service container are tested to certificate, if by check, then execution in step 3, if not by checking, then execution in step 4.
Sensitive information in the certificate of protecting the deployer also is provided with between step 22 and step 23
Step 22a, described deployer send the access control policy of checking described certificate to described service container;
Whether step 22b, described service container are checked the certificate that satisfies the access control policy check described certificate, if having, and execution in step 22c then, if do not have, then execution in step 4;
Step 22c, the described certificate that satisfies the access control policy check described certificate is sent to described deployer;
Step 22d, described deployer check the described certificate that satisfies the access control policy of checking described certificate, if by check, then execution in step 23, if not by check, then execution in step 4.
Further specify trust negotiation process of the present invention below, referring to Fig. 6, it is the trust negotiation principle schematic of ROST of the present invention, and the deployer is in security domain A, and service container is in security domain B.The deployer proposes a deployment request to service container, and container according to it self strategy, requires the deployer to provide certain certificate just to allow the execution of deployment operation after receiving this request.The deployer provides corresponding certificate to service container then, and service container is told the deployer negotiation result after these certificates are verified.If certificate is legal, then allow deployment operation to proceed, otherwise this operation is rejected.
Below by a concrete example trust negotiation process in the deployment is described.We suppose that deployer D need be a service arrangement to service container T.The step of trust negotiation is as follows:
1) D sends one to T and disposes request R Dep
2) T tells D the access strategy of oneself (having only the node that has certificate CA1 and CA2 simultaneously just to allow to carry out deployment operation).
3) D has certificate CA1 and CA2, but comprises the sensitive information of D among the CA2, so D is provided with an access strategy to CA2: the user who only has certificate CB1 just can read CA2.D sends to T again to CA1 and his strategy.
4) T has certificate CB1, so it issues D to CB1.
5) after D receives CB1,, CA2 is issued T through checking.
6) T issues D consulting successful result.
Pass through the mutual of top several steps, D and T have set up trusting relationship.Next just can be transferred to T to grid filing bag from D, dispose.
A negotiations process may spend the long time.In addition, in some cases, the user need upgrade the service of having disposed, and there is no need to carry out one time again and consults.In order to improve the efficient of negotiation, we have proposed to trust the notion of bill in ROST.After once successful trust negotiation, the deployer can trust bill to one of service container application, trusts in the bill key safety information of having stored some trust negotiations at this.The trust bill has been arranged, and the deployer carries out trust negotiation with regard to not needing once more with this service container, and the trust bill that only need show him just.Therefore method of the present invention also is provided with between described step 1 and step 2:
Step 11, deployer check whether be configured the trust bill, if then execution in step 12, if not, then execution in step 2;
Step 12, deployer submit to described service container with described trust bill, and described service container is verified described trust bill, if be proved to be successful then execution in step 3, if unsuccessful, then execution in step 2.
For guaranteeing higher fail safe, trusting bill can and have the limited lifetime by the service container signature of issuing.
In ROST, we adopt accurate RTML (Role-Based Trust ManagementLanguage Markup Language is based on role's trust management SGML) to come the description of access control strategy and based on the certificate of attribute.When the storage of certificate when being distributed, the algorithm of target directing has guaranteed that all available certificates can both be found and collect.In the design of ROST, the form of trusting bill is:<subject, issuer, subject, valid date, expiration date, signature 〉.
In addition, the exchange of negotiation information must be on the safe communication agreement (such as SSL/TLS (SecureSocket Layer/Transport Level Security, security socket layer/Transport Layer Security)), thereby prevents eavesdropping, man-in-the-middle attack, Replay Attack etc.In ROST, we follow the WS-Security standard and the WS-SecureConversation standard is protected soap message.
It should be noted last that, above embodiment is only unrestricted in order to technical scheme of the present invention to be described, although the present invention is had been described in detail with reference to preferred embodiment, those of ordinary skill in the art is to be understood that, can make amendment or be equal to replacement technical scheme of the present invention, and not break away from the spirit and scope of technical solution of the present invention.

Claims (8)

1, a kind of authentic remote service heat deploying method is characterized in that comprising the steps:
Step 1, deployer send the service arrangement request to long-range service container;
Step 2, deployer and service container carry out trust negotiation, if consult successfully, then execution in step 3, otherwise, execution in step 4;
Step 3, described service container are carried out hot deployment operation;
Step 4, end.
2, authentic remote service heat deploying method according to claim 1 is characterized in that also being provided with between described step 1 and step 2:
Step 11, deployer check whether be configured the trust bill, if, then execution in step 12, if not, then execution in step 2, wherein said trust bill is that deployer and service container carry out being obtained the key safety information of having stored trust negotiation in the described trust bill to the service container application by the deployer after the trust negotiation success;
Step 12, deployer submit to described service container with described trust bill, and described service container is verified described trust bill, if be proved to be successful then execution in step 3, if unsuccessful, then execution in step 2.
3, authentic remote service heat deploying method according to claim 1 is characterized in that described step 2 is specially:
Step 21, described service container obtain the access control policy of deployment services and send to described deployer from configuration file;
Step 22, described deployer check whether himself has the certificate that satisfies described access control policy, if having, then execution in step 23, if do not have, then execution in step 4;
Step 23, the described certificate that satisfies described access control policy is issued described service container;
Step 24, described service container are tested to certificate, if by check, then execution in step 3, if not by check, then execution in step 4.
4, authentic remote service heat deploying method according to claim 3 is characterized in that also being provided with between step 22 and step 23:
Step 22a, described deployer send the access control policy of checking described certificate to described service container;
Whether step 22b, described service container are checked the certificate that satisfies the access control policy check described certificate, if having, and execution in step 22c then, if do not have, then execution in step 4;
Step 22c, the described certificate that satisfies the access control policy check described certificate is sent to described deployer;
Step 22d, described deployer check the described certificate that satisfies the access control policy of checking described certificate, if by check, then execution in step 23, if not by check, then execution in step 4.
5,, it is characterized in that described step 3 is specially according to the arbitrary described authentic remote service heat deploying method of claim 1 to 5:
Step 31, described service container receive by the grid archive file of Simple Object Access Protocol SOAP annex transmission or from the ftp server the download grid archive file;
Step 32, described service container call the local disposition module and dispose described grid archive file.
6, authentic remote service heat deploying method according to claim 5 is characterized in that described step 32 is specially:
Step 321, check whether the grid archive file exists, if there is no, then execution in step 4, if exist then execution in step 322;
Step 322, judge whether the ANT environment is available, if unavailable, then execution in step 4, if available, then execution in step 323;
Step 323, call the ANT instrument grid archive file is deployed in the service container.
7, authentic remote service heat deploying method according to claim 1 is characterized in that also being provided with the operation of the grid archive file of anti-deployment appointment between described step 2 and step 3.
8, authentic remote service heat deploying method according to claim 7 is characterized in that the operation of the grid archive file of described anti-deployment appointment is specially:
Step 31a, judge whether the ANT environment is available, if unavailable, then execution in step 4, if available, execution in step 31b then;
Step 31b, call all configuration informations and the program file deletion that will be loaded into when the ANT instrument will be disposed the grid archive file of described appointment in the service container.
CNB200510132536XA 2005-12-26 2005-12-26 Authentic remote service heat deploying method Expired - Fee Related CN100353713C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB200510132536XA CN100353713C (en) 2005-12-26 2005-12-26 Authentic remote service heat deploying method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB200510132536XA CN100353713C (en) 2005-12-26 2005-12-26 Authentic remote service heat deploying method

Publications (2)

Publication Number Publication Date
CN1791024A CN1791024A (en) 2006-06-21
CN100353713C true CN100353713C (en) 2007-12-05

Family

ID=36788547

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB200510132536XA Expired - Fee Related CN100353713C (en) 2005-12-26 2005-12-26 Authentic remote service heat deploying method

Country Status (1)

Country Link
CN (1) CN100353713C (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101192937B (en) * 2006-11-24 2010-05-12 华为技术有限公司 A hot deployable method and its system
CN101707613B (en) * 2009-12-10 2012-12-12 北京信息科技大学 Authentication system based on trust negotiation and user login and collaboration systems and methods
CN102255969B (en) * 2011-07-14 2014-02-19 南京邮电大学 Representational-state-transfer-based web service security model
JP2016099714A (en) * 2014-11-19 2016-05-30 沖電気工業株式会社 Transaction device, monitoring device and monitoring system
CN105610885A (en) * 2014-11-25 2016-05-25 上海天脉聚源文化传媒有限公司 Method and system for deploying WeChat service
CN106685901B (en) * 2015-11-10 2020-06-02 华为技术有限公司 Method for processing cross-domain data, first server and second server
CN107908414A (en) * 2017-11-22 2018-04-13 中国银行股份有限公司 A kind of method, apparatus and system of the deployment of application server version

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003073309A1 (en) * 2002-02-22 2003-09-04 Bea Systems, Inc. Web services programming and deployment
CN1647071A (en) * 2001-10-24 2005-07-27 Bea系统公司 Data synchronization

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1647071A (en) * 2001-10-24 2005-07-27 Bea系统公司 Data synchronization
WO2003073309A1 (en) * 2002-02-22 2003-09-04 Bea Systems, Inc. Web services programming and deployment

Also Published As

Publication number Publication date
CN1791024A (en) 2006-06-21

Similar Documents

Publication Publication Date Title
De Laat et al. Generic AAA architecture
CN112417037B (en) Block chain construction method for distributed identity authentication in industrial field
CN100399739C (en) Method and system for realizing trust identification based on negotiation communication
US7346923B2 (en) Federated identity management within a distributed portal server
Hatzivasilis et al. The Interoperability of Things: Interoperable solutions as an enabler for IoT and Web 3.0
US7735117B2 (en) Context-sensitive confidentiality within federated environments
CN100353713C (en) Authentic remote service heat deploying method
EP3557456B1 (en) Method and device for data processing and communication system comprising such device
CA2483233A1 (en) System and method securing web services
Torroglosa-García et al. Integration of the OAuth and Web Service family security standards
Bellavista et al. Protection and interoperability for mobile agents: a secure and open programming environment
Chafle et al. Orchestrating composite web services under data flow constraints
Alliance 5g end-to-end architecture framework
Al-Jaroodi et al. Security issues of service-oriented middleware
US20240012921A1 (en) Dynamic resolution and enforcement of data compliance
Laat et al. RFC2903: Generic AAA architecture
US20240012931A1 (en) Constraining application workloads using data compliance rules
Djordjevic et al. Dynamic security perimeters for inter-enterprise service integration
Alchaal et al. Managing and securing web services with vpns
EP1810472A1 (en) Method and adapted terminal device for secure session transfer
Andrade et al. Fog of things: Fog computing in internet of things environments
Ferris Web services architecture
Gommans et al. Generic AAA architecture
Yoneki et al. Openness and interoperability in mobile middleware
Brooks et al. Securing wireless grids: architecture designs for secure wiglet-to-wiglet interfaces

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20071205

Termination date: 20121226