Research On Security Incidents Publish-Subscribe System Based On SOA

To improve the safety of network, network security management platform came into being. The platform can effective to collect all kinds of security incidents through the firewalls, vulnerability scanning, IDS, anti-virus and other security equipment, and thus to provide the command situational awareness and decision support, but the platform of security incidents is handled less efficient, so there is an urgent need for a specific security incident efficient, stable, scalable and cross-platform automated processing system, and the security incidents can be automatically flow ,to further enhance the effectiveness of security.Based on the detailed analysis of the characteristics of security incidents, the existing Publish-Subscribe System and the interrelated IT technologies, this paper designs Security Incidents Publish-Subscribe System of SOA. The Security Incidents Publish-Subscribe System based on SOA separated the view of system and the dealing logic through the Struts technology. The use of Web Services technology package the calling of Incidents Publish-Subscribe as services and make service delivery and call interface standardization, the real separation of service interfaces and services, so that the Incidents Publish-Subscribe is not dependent on the specific platform. EJB makes the system to further the use of a remote call transparent distributed. Finally, using the ESB to carry out centralized management environment for Web Services, which provide information processing and information routing agent for for heterogeneous systems,all of these make the system can adapt to an possession of safety equipment platform to upgrade and update constantly.In this paper, the total project, resolve methods of key techniques, and the main realization techniques are proposed, which provide the theoretical and technologic foundation for the implementation of the Security Incidents Publish-Subscribe System Based on SOA. The establishing of this system will improve the efficiency of dealing with security incidents, and effectively prevent the recurrence of security incidents, the network security management platform will play a better role.