Web服务的多层入侵容忍机制

Web服务通过互联网向公众提供各种服务,其存在的漏洞容易受到攻击.攻击会导致许多恶意操作或故障,致使Web服务器无法正常工作或发生安全事件.确保服务器的安全性,以保障系统数据和服务的私密性、完整性及可用性.Web服务的多层入侵容忍机制,结合传统安全技术和容忍技术在服务器前和在服务器结构内部署不同传感器,侦测各请求对服务器的影响.对不同安全级别的请求提供相应的服务,并一定程度上容忍非正常请求的存在.在Web服务系统上提供有效的深度防御,提高Web服务器对入侵、攻击的适应能力,即使发生严重事件也能及时恢复Web服务.不会因存在入侵、故障而停止服务,从而提高Web服务器的生存能力.

Multi-layer intrusion tolerant mechanism for Web services

Web server provide various services to the public via the Internet.The existing loopholes are attacked frequently.The attacks could lead to a number of malicious operation or failure,resulting in Web server fault or security incident.To ensure server security to protect system data and services privacy,integrity and availability.Multi-layer intrusion tolerant scheme for Web services,which combinates traditional network security technology with intrusion-tolerant technology,provides an effective deep defense to Web server.We installed different sensors in front of Web server and in the server architecture.The sensors detect the effects to server caused by different requests.The scheme provides appropriate service to the requests,which were marked the different levels of security.And it tolerates the existence of abnormity request to some extent.So the system provides an effective defense in depth on Web server.It improves itself ability to defense attacks and intrusions.Even if the serious incident happened,it could restore Web services in time.The service will not be failed for intrusion or failure.So it must enhance the viability of Web services.