Research And Design Of Mimic Identity Authentication Gateway Based On Competitive Arbitration

Recently,the Internet has successfully penetrated into various fields.Subsequently,the related private network,intranet and specific domain were widely used.Therefore,the security requirements for the gateway have been increased accordingly.Thus,Academician Jiangxing Wu proposed the Cyber Mimic Defense(CMD)theory in 2016,whose Dynamic Heterogeneous Redundancy(DHR)mechanism can ensure cyberspace endogenous safety and security.In this thesis,we focus on the situation that the result of mimic arbitration may be abnormal,when ?(N+1)/2? executors are breached among N online heterogeneous executives but the system cannot perceive it.The main research of this work is as follows:(1)The LCAO model based on the competitive arbitration framework was designed.Compared with the non-competitive arbitration model,the LCAO proposed in this thesis can output the execution result through the competition,which effectively reduces the execution time of the arbitration model.Moreover,different from the competitive arbitration model,LCAO can find executives that output abnormal execution results through the binary log matching module and the verification module,to perceive system abnormality and reduce the probability of differential mode escape in the arbitration model,when ?(N+1)/2? online heterogeneous executives are in the same failure space.(2)The LCAV strategy was proposed,which combines database binary log and single pattern matching algorithm.This method adopted Sunday algorithm to match the operation records in the binary log file,to verify whether the log matching result is consistent with the arbitration result,when there is an inconsistency in the results of the competitive output by utilizing LCAO model.Therefore,the LCAV strategy can check the correctness of the arbitration result,to reduce the output of incorrect results caused by the abnormality of?(N+1)/2? online heterogeneous executives,and improving the correct rate of the arbitration results.In addition,this thesis also constructs a mimic identity authentication gateway based on competitive arbitration through integrating the LCAO model and LCAV strategy proposed above.The simulation experiments show that the improved mimic identity authentication gateway system can effectively reduce the probability of differential mode escape and increase the rate of passing the correct result arbitration,thereby enhancing the endogenous security of the system.The LCAO model and LCAV strategy proposed in this thesis are suitable for DHR frameworks,which contain database heterogeneous redundant executives or heterogeneous components.At the same time,they can also be used as the fault-tolerant design solution in the redundant fault-tolerant architecture,to strengthen the safety and reliability within the system execution cycle.Finally,there are 20 figures,14 tables and 60 references in the thesis.