Research On SOA-Oritented Command And Control System Information Interactive Security Mechanism

With the development of Command and Control System, information silos becomethe most important issue limited the development of Command and Control Systemwith informationization. In order to eliminate the "chimney" structure of the traditionalCommand and Control System and solve the problem of isolated island,Service-oriented SOA (Service Oriented Architecture) Command and Control System isapplied. It can achieve application integration, interconnection, intercummnication andinteroperability of heterogeneous systems. But security issues of Command and ControlSystem based on SOA slows down the process of implementation of SOA. Therefore, aset of information interaction security mechanisms based on SOA-oriented Commandand Control System to meet its safety requirements is designed without affecting theadvantage of SOA Command and Control System with loose coupling and highretractility. It is an urgent problem to be solved in the Command and Control Systemapplications development research.First of all, SOA-oriented Command and Control System architecture and protocolcharacteristics are researched. The research is focus on the Command and ControlSystem architecture, Service-oriented Architecture (SOA) combined with Web Servicestechnology. On this basis, the SOA-oriented Command and Control System softwarearchitecture, key technologies and protocol characteristics are researched in detail. Thevulnerability, security requirements of information interaction, message layer securitymechanisms and transport layer security mechanisms of SOA-oriented Command andControl System is analyzed in depth. For the vulnerability of SOA-oriented Commandand Control System, the research for the interactive information security mechanismbased on SOA-oriented Command and Control System is carried out. Then theinteractive information security model for SOA-oriented Command and Control Systemis designed. The service requestor and the registration center, service provider andregistered center, service requestor and service provider of information securityinteractive timing diagram are respectively designed. Finally, simulation andperformance analysis of security model of SOA-oriented Command and Control System security mechanisms are carried out, focusing on the simulation of encryption, digitalsignatures, adding timestamp. Then security and processing efficiency of AESencryption and digital signature algorithm used by security model are tested. Based onthe confidentiality, tamper-resistant and non-repudiation of information, the process ofinformation interaction of SOA-oriented Command and Control System adding securitymechanisms and without adding security mechanisms are respectively attacked bySOAP replay attack. Through analyzing CPU and Memory occupancy of SOACommand and Control System and comparing simulation data, capability of anti-replayattacks of security mechanism based on SOA-oriented Command and Control System isverified. Thereby, the security of information interactive security mechanism based onSOA-oriented Command and Control System is ensured.