【作者】 陈学勤；

【导师】 吴慧中；

【作者基本信息】 南京理工大学 ， 计算机应用技术， 2009， 博士

【摘要】 虚拟采办,即基于仿真的采办(SBA),是一种新型防务采办方法,主要思想是将建模与仿真(M&S)技术协同地应用到采办过程的各阶段中,从而使大型复杂产品的采办“更好、更快、更省”。实施虚拟采办的前提条件之一就是要实现采办的信息化,通过软件基础设施的强健支持达到信息的及时按需获取、M&S工具的互操作、采办参与人员的协同工作等目的,然而目前还缺少这样的软件基础设施。Web服务是一种面向服务的新型分布式计算技术,具有模块化、松耦合、平台无关等特性,在实现广域、跨异构平台的软件系统方面具有优势。在省部级预先研究项目的资助下,本文提出了一个基于Web服务的虚拟采办软件系统的体系结构,研究了其中的服务质量动态预测、Web服务系统的访问控制等关键技术,并在虚拟采办软件系统中对这些关键技术进行了实现和应用。论文的主要研究工作包括:首先,针对国内大多数复杂产品的采办流程仍然为串行瀑布式的问题,借鉴当前国际上有关虚拟采办的新思路,设计了一种循环改善、螺旋式上升的虚拟采办流程;另外结合该流程,提出了一个基于Web服务的虚拟采办软件系统的体系结构,并从Web服务这一分布式计算技术方面分析了实现该系统所需要研究的主要关键技术,包括Web服务组合、Web服务质量(QoS)、Web服务的系统安全等。其次,在Web服务QoS的研究方面,由于影响Web服务QoS的因素很多且动态变化,如何能动态及时地获取QoS是基于QoS进行其他研究的前提,因此论文提出了一种反馈式的Web服务QoS动态获取方法(FQCM)。该方法将UDDI兼容地扩展为UDDI-Q,增加了一些与QoS相关的内部模块和对外接口,使之具有收集服务请求者所反馈的服务质量信息的能力。文中还给出了FQCM的详细实现途径,例如UDDI-Q的内部结构、数据模型、函数接口等。Web服务QoS预测能够结合已采集到的QoS数据来增强评估质量,而目前国内在Web服务QoS动态预测方面的研究还处于起步阶段。论文通过引入贝叶斯动态模型提出了一种Web服务QoS动态预测方法,并给出了采用常均值模型进行预测的步骤,还深入研究了预测过程中预测参数的确定、非均匀时间间隔的处理、主动干预等问题。在基于Web服务构建的实际系统中,对该QoS预测方法进行了参数选取变化、主动干预等情形下的有效性实验。再次,在Web服务的系统安全和访问控制方面,采用Web服务实现的虚拟采办软件系统面临着功能和资源的松耦合分离,传统的访问控制模型难以动态、异步地应对这种情况。论文在深入分析了当前Web服务安全需求和安全技术的基础上,提出了一种基于属性的双重访问控制模型(ABDAC),从而实现系统功能和资源的双重访问控制。ABDAC通过证书代理实现广域范围内的用户身份鉴别,文中详细研究了功能端和资源的访问控制授权策略、属性-权限映射算法和授权决定算法,并分析了ABDAC的安全性。采用XACML语言实现了ABDAC模型的应用实例,并测试了其对系统性能的影响。最后,论文采用扩展QoS和安全的Web服务体系结构,设计并实现了基于Web服务虚拟采办软件系统的两个重要子系统——综合集成研讨厅和产品数据管理系统。这两个系统都得到了实际应用,表明上述研究工作是有效的。更多还原

【Abstract】 Simulation Based Acquisition (SBA) is a new theory and method of defense equipments acquisition. By apply modeling and simulation (M&S) technologies to all stages of the acquisition process collaboratively, SBA can make the acquisition of complex products and equipment better, faster and cheaper. One of the prerequisites to implement SBA is the support of a robust information infrastructure, which should achieve on-demand access to information in a timely manner, interoperability of M&S tools and resources, collaborative working of participate, and so on. However, there is a lack of such information infrastructure currently. Fortunately, web service is a service-oriented distributed computing technology, with features of modular, loosely coupled and platform-independent. And it has advantages in the realization of wide-area, heterogeneous cross-platform software system, which meet demand of information infrastructure for SBA. In this dissertation, web services are utilized to construct architecture of SBA software support system, and the dissertation focuses on some key technologies, such as dynamic forecast of Quality of Service (QoS) and double access control for web service.Firstly, as domestic acquisition process was serial-style, a spiral-style process for SBA of complex product is designed, which adopts concurrent engineering. Furthermore, the dissertation proposes a web service based software architecture for SBA, and then discuss some major research thrusts: quality of web service, web service based system security, etc.The QoS of Web service is affected by many factors and they change frequently, and it is a challenge to collecting QoS timely for other QoS-based researches. Thus, it presents a feedback-based web service QoS dynamic collection method (FQCM). FQCM extends UDDI to UDDI-Q, which has capability of collecting and storing QoS information from service requesters. Without changing UDDI, UDDI-Q appends some QoS-related functions and interfaces, and it is compatible with the classic web service architecture.Web service QoS forecast can be combined with collected data to improve QoS assessment quality and to reflect the trends of web service QoS timely, but research of Web service QoS forecast in domestic is still at an initial stage. By introducing bayesian dynamic model, the dissertation proposes a novel QoS forecast method of web service and describe the forecast steps of dynamic linear model. The dissertation also discusses some problems of QoS forecast, such as determination of parameters, solution of non-uniform time interval, active intervention. The results of experiment in running system indicate that the forecast method is valid.Because the functions and resources of web service based system are separated and loosely coupled, the traditional access control models are difficult to deal with such situation. In this dissertation, after analyzing security requirements of web service based system, an attributed based double access control model (ABDAC) is presented to achieve access control of functions and resources in the web service based system. The dissertation proposes access control policy and attributes-privileges mapping algorithms of ABDAC, and discusses consistency and integrity of ABDAC. Moreover, XACMLis used to realize an application of ABDAC and test the impact to system performance.At last, the dissertation introduces web service architecture with QoS and security extended, and then we implement two sub-systems of software infrastructure to SBA: Hall for Workshop of Metasynthetic Engineering and Product Data Management System. These two sub-systems have been applied in projects of complex product acquisition.更多还原