【作者】 王翠；

【导师】 刘方爱；

【作者基本信息】 山东师范大学 ， 计算机应用技术， 2010， 硕士

【摘要】 近年来,随着Internet的迅速发展和应用需求的日益增长,人们面临着无处不在的海量信息资源,却无法获得需要的有效资源。于是,网格计算的概念也就就应运而生了。网格构建在现有的Internet上,采用标准、开放、通用的协议和接口,协调分布式资源的使用,为网格用户提供非平凡的服务质量。由于网格具有具有大规模、高速、分布、异构、动态、可扩展等特点,与以往的网络环境相比,网格对安全问题提出了更高的要求。网格安全一直是网格研究的热点问题。网格是一个开放的环境,其本质特征是资源的共享,必须对各种网格用户提供方便而有效的资源获取的手段,这就必须以损失网格环境的安全性为代价。因此,在网格环境中加强安全性面临着巨大挑战。必须提供灵活而有效的安全策略来保障网格的安全,其中,最常用的方法就是建立网格安全认证。本文的主要研究工作和创新包括:(1)首先,介绍了网格的基础知识,包括:网格的概念和特点、网格体系结构、网格安全及其面临的问题;深入研究了网格认证问题,详细阐述了X.509和Kerberos两种认证机制、网格安全基础设施GSI以及MyProxy在线证书仓库系统;(2)然后,在深入研究教育资源网格的逻辑结构和已有网格认证模型的基础上,提出了一种基于管理域的教育资源网格认证模型。该模型引入了管理域的概念,使得教育资源网格认证模型具有很好的灵活性和可扩展性,同时还简化了证书服务系统实现的难度并提高了可操作性;(3)最后,针对教育资源网格的管理域内的用户认证问题,本文设计和开发了一个基于Web的教育资源网格证书服务系统,该系统为普通网格用户提供了安全的认证和证书管理功能以及方便友好的图形用户界面,很好地解决了教育资源网格的安全认证问题。更多还原

【Abstract】 In recent years,with the rapid development of Internet and the growing demand of applications,we are facing massive information resources,but,we can not get effec- tive resources which we need.Thus,the concept of grid computing appeared.Built on the existing Internet, Grid adopts standard,open and common protocols and interfaces, coordinates the use of distributed rexources,and provides non-trivial quality of service for users. Due to grid characteristic of large-scale, high-speed, distributed, heteroge- neous, dynamic,extensible,compared with previous network environments,there is a higher demand for grid security.Grid security has always been a hot issue in grid research.Grid is an open enviro- nment,its essential characteristic is the sharing of resources,and it must provides conv- enient and efficient means of resources acquisition for various users,which must be to damage the security of grid environment.Therefore,enhancing security faces an enor- mous challenge in the grid environment。There must be a flexible and effective securi- ty strategy to protect the security of grid,the most common method is to build a safe grid anthentication system.The main research work and innovations in the paper includes:(1) Firstly,the paper introduces the basics of the grid,including:the concept and characteristics of the grid,the grid architecture,the grid security and its problems;then, studies the grid authentication in-depth and elaborates X.509 and Kerberos authentication mechanism,Grid Security Infrastructure(GSI) and MyProxy,which is an online certificate warehouse system.(2)Secondly,on the basis of the analysis of logical structure of Education Resources Grid and exsiting grid,the paper proposes an Education Resources Grid Authentication Model based on management domains.The model introduces the concept of mangement domain,which provides Education Resources Grid Authentica- tion Model good flexibility and scalability,while also simplifying implementation of the certificate service system and improving its operability.(3)Finally,to solve authentication problems for users in the management domain of Education Resources Grid,the paper designs and develops an Education Resources Grid Certificate Service System based on Web,which provides authentication security,certificate management functin,and convenient and friendly graphical user interface for normal grid users.Authentication security Problems can be solved.更多还原