| Fiber-optic communication is a national infrastructure that supports information network, and it is responsible for the national economy related to high-speed, large-capacity information transmission task. Nowadays,with the rapid development of the information technology and increasingly large-scale communication networks, communication networks achieve more efficient management. A large number of major enterprises have developed integrated network management system in order to improve the network operation and maintenance management. As the loose structure and the complexity of distributed CORBA platform, distributed network management system is facing more serious security problems in NMS(Network Management System). Therefore, the improvement of the NMS integrated CORBA security design has a great significance.Based on CORBA security integrated network management system,this thesis introduces several methods to prevent implicit authorization attacks, and proposes some methods based on CORBA object references to face the security threats.The main works are as follows:Firstly, a threat to the object key based on CORBA object reference in many CORBA products is presented by testing. In addition, it proves that this kind of implicit authorization for object reference can be attacked by this attack method in many CORBA products.Secondly, two encryption algorithms for CORBA object key are proposed. By using the encryption algorithms, effective security protection is achieved to prevent the threats from implicit authorization.Finally, a third-party CORBA testing software for Huawei iManager T2000 NMS by using the encrypting algorithm package is implemented. It gives Huawei iManager T2000 NMS better performance on safety. Thus it proves the correctness and effectiveness of the encryption algorithms proposed in this thesis. |
PDF Full Text Request