| As a concept originated to manage those fixed activities of businesses, workflow can execute and monitor these activities by dividing them into well-defined tasks, roles, rules and procedures. As a result, workflow can achieve the aim at improving the organization level of business and work efficiency, and provide an advanced method for enterprises to carry out their business goals more effectively. However, in the heterogeneous, distributed, loosely-coupled environment of modern enterprise information resource, the traditional workflow tends to develop into distributed direction. The appearance of mobile agent technology provides a better way to construct workflow system With code migrating among network nodes to collect and deal with information automatically, it has many advantages such as reducing the network flux, suiting the mobile user, adaptable to data integration and possessing parallel feature, etc. So workflow constructed based on mobile agent technology can solve the deficiencies in performance and application to a certain extent. However, the security risks brought by the migrating characteristic of migrating instance, which is constructed based on the mobile agent paradigm, propose greater challenges to the security of migrating workflow. So, it is an urgently solved problem to build corresponding security mechanism to reduce these security risks.In the migrating workflow system, the security problems brought by migrating instance contain the workplace security problems and the migrating instance security problems. In the traditional workflow system, there are no such security problems on task executors because of the fixed workplaces. Oppositely, in the migrating workflow, there are potential risks for migrating instance as a task executor that its data, code and state may be modified and spied out when migrating and executing. On the basis of above research background, this thesis mainly discussed the security problem of migrating instance, and presented a security policy aimed to migrating instance security and suitable for migrating workflow management system which can protect migrating instance by Initiative security mechanism according to its security risks.The security agent which can provide security service for migrating instance has the ability to detect danger on a host that the migrating instance will arrive latter. In the aspect of security agent design, through the study on time limited black box, we proposed corresponding mess-up transformations on migrating instance to create security agent. The usage of these transformations in migrating instance could reduce the readability for hiding its internal code and data. We also build a danger detection part to detect danger on a host based on danger theory. This thesis gave a formalized description of this entity and discussed its structure in detail. Finally, a initiative security model which can protect migrating instance security initiatively was proposed to enhance the ability of migrating instance to resist outer destroy and the main class was given, too.This thesis went deep into the security problem of migrating instance and discussed its essential technical implement, and thus provided a feasible security mode for the application of migrating workflow system. |
PDF Full Text Request