网络考试系统安全及容错处理的研究与实现
|
摘要
在现今中国高校中,非计算机专业学生均开设了计算机基础课程,计算机操作能力已成为学生必备的一项技能,虽然每年都有相应的国家和省级计算机等级考试,但在各学校中采用考试系统对计算机基础课程进行测试尚未普遍,且已有的考试系统都存在功能和安全方面的问题,因此研究并开发适合高校计算机基础教学与测试的高可靠、高可用和高安全性的考试系统,成为当前一个重要研究课题。
论文深入调查和分析了各种网络考试系统解决方案,着重研究了当前网络考试系统存在的安全和容错性问题,并详细阐述了系统开发中需要采用的相关技术。
论文在比较和分析已有考试系统的基础上,研究并设计了针对高校计算机基础教学的网络考试系统,并通过采用身份认证、访问控制、加密传输等技术,保证了考试系统的安全性。
本文设计并实现的考试系统通过采用服务器主备双机容错技术、双服务器推拉式通讯技术、客户端单线程管理技术以及客户端失效检测技术,实现了对考试系统的容错管理,提高了考试系统的可靠性和可用性。
系统测试表明:考试系统正确地实现了各项功能,并具备较强的系统安全性和容错性。
Recently,in college and university of China, computer basic courses are open to all students even who are curbstone to computer, the ability of computer manipulation is an indispensable skill for students.Although national and provincial computer grade test are carried on every year, it isn't prevalent to take the way of network testing system in computer basic course examination; Besides, there are several deficiencies of function or security in existing examination system. So it's an urgent and important task to research and exploit a more reliable, useful and safe examination system, which can adapt to school computer basic course teaching and testing.
Various resolvents of network testing system were investigated and analysed in this paper, emphasize on researching the safe and fault tolerate problem existed in current network examination system, and the correlated technologies were expatiated in detail, which needed in the system exploitation.
Based on comparing and analysis of recent existent examination system, network testing system was researched and designed, which aimed at computer basic course teaching. By the technologies of ID attestation, access control and encrypt transmission, the security of test system was guaranteed.
Through the technologies of fault tolerate in main and spare servers, double servers push-and-pull communication, single-thread management and failure detection in client, network exam system was designed and realized in this paper, which can achieve the management of fault tolerate in exam system, enhance the reliability and usability of examination system.
The testing of system made clear that, network examination system achieved kinds of functions exactly, and it had a better ability of security and fault tolerate.
论文深入调查和分析了各种网络考试系统解决方案,着重研究了当前网络考试系统存在的安全和容错性问题,并详细阐述了系统开发中需要采用的相关技术。
论文在比较和分析已有考试系统的基础上,研究并设计了针对高校计算机基础教学的网络考试系统,并通过采用身份认证、访问控制、加密传输等技术,保证了考试系统的安全性。
本文设计并实现的考试系统通过采用服务器主备双机容错技术、双服务器推拉式通讯技术、客户端单线程管理技术以及客户端失效检测技术,实现了对考试系统的容错管理,提高了考试系统的可靠性和可用性。
系统测试表明:考试系统正确地实现了各项功能,并具备较强的系统安全性和容错性。
Recently,in college and university of China, computer basic courses are open to all students even who are curbstone to computer, the ability of computer manipulation is an indispensable skill for students.Although national and provincial computer grade test are carried on every year, it isn't prevalent to take the way of network testing system in computer basic course examination; Besides, there are several deficiencies of function or security in existing examination system. So it's an urgent and important task to research and exploit a more reliable, useful and safe examination system, which can adapt to school computer basic course teaching and testing.
Various resolvents of network testing system were investigated and analysed in this paper, emphasize on researching the safe and fault tolerate problem existed in current network examination system, and the correlated technologies were expatiated in detail, which needed in the system exploitation.
Based on comparing and analysis of recent existent examination system, network testing system was researched and designed, which aimed at computer basic course teaching. By the technologies of ID attestation, access control and encrypt transmission, the security of test system was guaranteed.
Through the technologies of fault tolerate in main and spare servers, double servers push-and-pull communication, single-thread management and failure detection in client, network exam system was designed and realized in this paper, which can achieve the management of fault tolerate in exam system, enhance the reliability and usability of examination system.
The testing of system made clear that, network examination system achieved kinds of functions exactly, and it had a better ability of security and fault tolerate.
引文
[1]栾好利.基于局域网的计算机考试系统研究与实现.东北大学学报,2006,13(10):33-35
[2]明仲,戚杰.基于web的网上考试系统的设计与实现.中国电化教育,2004,6(2):83-85
[3]梅晓勇,颜君彪,侯识忠.网络环境下的考试系统应用设计与实现.计算机工程与应用,2003,8(26):43-46
[4]全渝娟,范荣强.基于Web的远距离考试系统.计算机应用与软件,2003,15(7):92-92
[5]李琦.基于C/S模式的计算机等级考试上机考试系统.重庆大学学报,2004,26(7):143-145
[6]杨洋,伍俊洪,林孝康.基于B/S结构的网上考试系统的设计与实现.中国有线电视,2003,9(10):116-120
[7]詹英.计算机应用能力网络化考核系统设计.计算机工程与科学,2005,27(1):40-41,57
[8]杨滨.计算机等级考试系统的开发.计算机与现代化,2005,12(8):103-105
[9]张全和.关于考试阅卷系统开发的必要性和可行性.重庆大学计算机基础教学研讨会论文集,2004:47-49
[10]刘占阳,孙海波,王亮等.计算机无纸化考试系统的设计与实现.河北省科学院学报,2003,20(4):127-128
[11]李剑波,汪永琳,李海明.计算机技术基础课考试系统研究.计算机与数字工程,2006,34(4):28-31
[12]于晓慧.基于Client/Server模式的题库管理系统的研究与实现.教育技术研究,2003,21(5):33-36
[13]K.A.Anderson and B.H.Kirouac.A Simple and Free System for Automated Network Backups.In The Third Annual System Administration.Networking and Security Conference(SANS Ⅲ),Open Systems Conference Board,April 1994 Page(s):63-68
[14]Miller V.Uses of elliptic curves in cryptography.Advances in crytology-Crpto'85.Berling:Spring Verlag,1986:417-426
[15]Koblitz N.Elliptic curve cryptosystems.Mathmatics of Computation,1987,148(25):203-209
[16]Robshaw M,YinY.Elliptic Curve Cryptosystems,an RSA Laboratories Technical Note.Revised June 27,1997:465-468
[17]Etsuko Suzuki,A Design of Authentication System for Distributed Education,IEEE 2004,31 May-2 June 2004 Page(s):66-71
[18]章璐,陈阂中.计算机化自适应考试系统在英语测试中的运用.电脑开发与应用,2004,45(2):2-4
[19]龙冬阳.网络安全技术及应用.广州:华南理工大学出版社,2006:88-90
[20]胡志远.口令破解与加密技术.北京:机械工业出版社,2003:143-146
[21]蔡皖东.网络与信息安全.西安:西安工业大学出版社,2004:264-265
[22]李涛,欧宗瑛.基于个人特征的身份认证技术发展与应用.计算机工程,2002,32(12):69-71
[23]杨俊,景弧.浅谈生物认证技术-指纹识别.计算机时代,2004,31(3):3-4
[24]汪林峰,林斌.基于虹膜识别技术的便携式身份认证系统.光电子激光,2001,17(10):1076-1078
[25]Chendong Zou,Betty Salzberg.Safely and efficiently updating references during on-line reorganization.VLDB,1998:23-26
[26]Bamford R,Butler D,Klots B,Macnaughton N.Architecture of Oracle Parallel Server.VLDB,1998:132-133
[27]陈胜功.容错计算机技术及应用研究.北京:航空工业出版社,2000:57-59
[28]王珍熙.可靠性、冗余及容错技术.北京:航空工业出版社,1991:243-247
[29]南英,陈士格.戴冠中容错控制进展.北京:航空工业出版社,1993:62-67
[30]Yoon j,Kim H.Time-redundant recovery policy of TMR failures using roll back and roll-forward methods.Computers and Digital Techniques,IEE Proceedings Volume 147,Issue2,March 2000 Page(s):124-132
[31]Anderson Thorns E,Culler David E,Paterson David A.A case for Now(Net Works of Workstations).IEEE MICRO February 1995:57-59
[32]L.Lin,M.Ahamad.Checkpointing and rollback -recovery in distributed object based system.proc.IEEE fault-Tolerant Computing ymp,1990:97-104
[33]John McMains,Bob Chronister.Windows NT backup & recovery.New York.McGraw-Hill,1998:1-7
[34]中国信息安全产品测评中心.信息安全理论与技术.北京:人民邮电出版社,2003:18-25
[35]郝莹.网上考试系统中的安全机制.微机发展,2001,26(3):88-92
[36]张全和,黄仁.《计算机文化基础》考试系统中的技术问题.重庆人学学报(增刊),2004,3(5):23-26
[37]N.Smart,Announcement of an attack on the ECDIP for anomalous elliptic curves,1997:47-50
[38]李继勇.身份认证技术现状和发展趋势.计算机技术研究,2005,3(8):77-78
[39]J.Kohl.The Kerberos Network Authentication Service(V5).Network Working Group,1993:105-108
[40]张红旗,车天伟,李娜.Kerberos身份认证协议分析及改进.计算机应用,2002,29(12):25-27
[41]Christopher Alberts,Audrey Dorofee.Managing Information Security Risks:The OCTAVE Approach.Addison Wesley Inc,2002:67-71
[42]罗雪平,郑奕莉,徐国定.一种扩展的基于角色的访问控制模型.计算机工程,2001,27(6):64-67
[43]SCHNERIER B.Applied Cryptography-Protocols,Algorithms,and Source Code in C.北京:机械工业出版社,2000:264-270
[44]Peter Haumer,Klaus Pohl,Klaus Weidenhaupt.Requirements elicitation and validation with real world scenes.IEEE Trans on Soft Eng,1998,23(5):1036-1054
[45]余胜泉.通用试题库组卷策略算法.教育技术通讯,2006,10(5):23-24
[46]张江,黄迪明,廖建明.通用考试系统的设计与实现.电子科技大学学报,2001,30(2):157-161
[47]R.H.Thayer,M.Dorfman.Software Requirements Engineering.IEEE Computer Society Press,1997:176-205
[48]胡建伟等.网络安全与保密.西安:西安电子科技大学出版社,2003:77-80
[49]曾华军.远程考试系统安全性.计算机工程,2001,33(3):133-135
[50]Neal Leavitt.Are Web services Finally Ready to Delver.IEEE computer,2004,37(11):14-18
[51]Flavin Cristian.Understanding fault-tolerant distributed systems.Comm.of ACM,2001,34(2):57-58
[52]H.C.Nam,J.Kim,S.J.Hong,and S.G.Lee.Probabilistic Check pointing IEICE Transactions on Information and Systems,6(17),June 2002:1093-1104
[53]淡战平,候义斌.面向应用级的纯软件双机热备份机制设计与实现.计算机工程与应用,2000,56(6):104-105,140
[54]姚耀文,刘希挥,王作新.双计算机容错系统的故障诊断模型研究.华南理工大学学报(自然科学版),1999,78(7):39-44
[55]Silbersehatz A,Galvin P.Operating System Concepts.Addison-Wesley Inc. 1994:132-135
[56]Charles D.Cranor,Matthew Green,Chuck Kalmanek,et al.Enhanced Streaming Services in a Content Distribution Network.IEEE,2001,5(4):66-75
[57]Michael N.Nelson,Brent B.Welch,et al.Caching in the Sprite Network File System.ACM Transactions on Computer Systems,1988,6(1):134-154
[58]F.B.Schneider.Implementing fault-tolerant services using the state machine approach:Atutorial.ACM Computing Surveys,1990,22(4):299-319
[59]X.Defago,A.Schiper,Semi-passive replication and Lazy Consensus.Journal of Parallel and Distributed Systems,2004,64(12):1380-1398
[60]Goes-Jen Hwang,Lin,M.T.On the development of a computer-assisted testing system with genetic test sheet-generating approach,2004(35):590-594
[61]蒋芫,李健.计算机软件测试管理应用研究.湖南理工学院学报(自然科学版),2007,63(1):3-5
[2]明仲,戚杰.基于web的网上考试系统的设计与实现.中国电化教育,2004,6(2):83-85
[3]梅晓勇,颜君彪,侯识忠.网络环境下的考试系统应用设计与实现.计算机工程与应用,2003,8(26):43-46
[4]全渝娟,范荣强.基于Web的远距离考试系统.计算机应用与软件,2003,15(7):92-92
[5]李琦.基于C/S模式的计算机等级考试上机考试系统.重庆大学学报,2004,26(7):143-145
[6]杨洋,伍俊洪,林孝康.基于B/S结构的网上考试系统的设计与实现.中国有线电视,2003,9(10):116-120
[7]詹英.计算机应用能力网络化考核系统设计.计算机工程与科学,2005,27(1):40-41,57
[8]杨滨.计算机等级考试系统的开发.计算机与现代化,2005,12(8):103-105
[9]张全和.关于考试阅卷系统开发的必要性和可行性.重庆大学计算机基础教学研讨会论文集,2004:47-49
[10]刘占阳,孙海波,王亮等.计算机无纸化考试系统的设计与实现.河北省科学院学报,2003,20(4):127-128
[11]李剑波,汪永琳,李海明.计算机技术基础课考试系统研究.计算机与数字工程,2006,34(4):28-31
[12]于晓慧.基于Client/Server模式的题库管理系统的研究与实现.教育技术研究,2003,21(5):33-36
[13]K.A.Anderson and B.H.Kirouac.A Simple and Free System for Automated Network Backups.In The Third Annual System Administration.Networking and Security Conference(SANS Ⅲ),Open Systems Conference Board,April 1994 Page(s):63-68
[14]Miller V.Uses of elliptic curves in cryptography.Advances in crytology-Crpto'85.Berling:Spring Verlag,1986:417-426
[15]Koblitz N.Elliptic curve cryptosystems.Mathmatics of Computation,1987,148(25):203-209
[16]Robshaw M,YinY.Elliptic Curve Cryptosystems,an RSA Laboratories Technical Note.Revised June 27,1997:465-468
[17]Etsuko Suzuki,A Design of Authentication System for Distributed Education,IEEE 2004,31 May-2 June 2004 Page(s):66-71
[18]章璐,陈阂中.计算机化自适应考试系统在英语测试中的运用.电脑开发与应用,2004,45(2):2-4
[19]龙冬阳.网络安全技术及应用.广州:华南理工大学出版社,2006:88-90
[20]胡志远.口令破解与加密技术.北京:机械工业出版社,2003:143-146
[21]蔡皖东.网络与信息安全.西安:西安工业大学出版社,2004:264-265
[22]李涛,欧宗瑛.基于个人特征的身份认证技术发展与应用.计算机工程,2002,32(12):69-71
[23]杨俊,景弧.浅谈生物认证技术-指纹识别.计算机时代,2004,31(3):3-4
[24]汪林峰,林斌.基于虹膜识别技术的便携式身份认证系统.光电子激光,2001,17(10):1076-1078
[25]Chendong Zou,Betty Salzberg.Safely and efficiently updating references during on-line reorganization.VLDB,1998:23-26
[26]Bamford R,Butler D,Klots B,Macnaughton N.Architecture of Oracle Parallel Server.VLDB,1998:132-133
[27]陈胜功.容错计算机技术及应用研究.北京:航空工业出版社,2000:57-59
[28]王珍熙.可靠性、冗余及容错技术.北京:航空工业出版社,1991:243-247
[29]南英,陈士格.戴冠中容错控制进展.北京:航空工业出版社,1993:62-67
[30]Yoon j,Kim H.Time-redundant recovery policy of TMR failures using roll back and roll-forward methods.Computers and Digital Techniques,IEE Proceedings Volume 147,Issue2,March 2000 Page(s):124-132
[31]Anderson Thorns E,Culler David E,Paterson David A.A case for Now(Net Works of Workstations).IEEE MICRO February 1995:57-59
[32]L.Lin,M.Ahamad.Checkpointing and rollback -recovery in distributed object based system.proc.IEEE fault-Tolerant Computing ymp,1990:97-104
[33]John McMains,Bob Chronister.Windows NT backup & recovery.New York.McGraw-Hill,1998:1-7
[34]中国信息安全产品测评中心.信息安全理论与技术.北京:人民邮电出版社,2003:18-25
[35]郝莹.网上考试系统中的安全机制.微机发展,2001,26(3):88-92
[36]张全和,黄仁.《计算机文化基础》考试系统中的技术问题.重庆人学学报(增刊),2004,3(5):23-26
[37]N.Smart,Announcement of an attack on the ECDIP for anomalous elliptic curves,1997:47-50
[38]李继勇.身份认证技术现状和发展趋势.计算机技术研究,2005,3(8):77-78
[39]J.Kohl.The Kerberos Network Authentication Service(V5).Network Working Group,1993:105-108
[40]张红旗,车天伟,李娜.Kerberos身份认证协议分析及改进.计算机应用,2002,29(12):25-27
[41]Christopher Alberts,Audrey Dorofee.Managing Information Security Risks:The OCTAVE Approach.Addison Wesley Inc,2002:67-71
[42]罗雪平,郑奕莉,徐国定.一种扩展的基于角色的访问控制模型.计算机工程,2001,27(6):64-67
[43]SCHNERIER B.Applied Cryptography-Protocols,Algorithms,and Source Code in C.北京:机械工业出版社,2000:264-270
[44]Peter Haumer,Klaus Pohl,Klaus Weidenhaupt.Requirements elicitation and validation with real world scenes.IEEE Trans on Soft Eng,1998,23(5):1036-1054
[45]余胜泉.通用试题库组卷策略算法.教育技术通讯,2006,10(5):23-24
[46]张江,黄迪明,廖建明.通用考试系统的设计与实现.电子科技大学学报,2001,30(2):157-161
[47]R.H.Thayer,M.Dorfman.Software Requirements Engineering.IEEE Computer Society Press,1997:176-205
[48]胡建伟等.网络安全与保密.西安:西安电子科技大学出版社,2003:77-80
[49]曾华军.远程考试系统安全性.计算机工程,2001,33(3):133-135
[50]Neal Leavitt.Are Web services Finally Ready to Delver.IEEE computer,2004,37(11):14-18
[51]Flavin Cristian.Understanding fault-tolerant distributed systems.Comm.of ACM,2001,34(2):57-58
[52]H.C.Nam,J.Kim,S.J.Hong,and S.G.Lee.Probabilistic Check pointing IEICE Transactions on Information and Systems,6(17),June 2002:1093-1104
[53]淡战平,候义斌.面向应用级的纯软件双机热备份机制设计与实现.计算机工程与应用,2000,56(6):104-105,140
[54]姚耀文,刘希挥,王作新.双计算机容错系统的故障诊断模型研究.华南理工大学学报(自然科学版),1999,78(7):39-44
[55]Silbersehatz A,Galvin P.Operating System Concepts.Addison-Wesley Inc. 1994:132-135
[56]Charles D.Cranor,Matthew Green,Chuck Kalmanek,et al.Enhanced Streaming Services in a Content Distribution Network.IEEE,2001,5(4):66-75
[57]Michael N.Nelson,Brent B.Welch,et al.Caching in the Sprite Network File System.ACM Transactions on Computer Systems,1988,6(1):134-154
[58]F.B.Schneider.Implementing fault-tolerant services using the state machine approach:Atutorial.ACM Computing Surveys,1990,22(4):299-319
[59]X.Defago,A.Schiper,Semi-passive replication and Lazy Consensus.Journal of Parallel and Distributed Systems,2004,64(12):1380-1398
[60]Goes-Jen Hwang,Lin,M.T.On the development of a computer-assisted testing system with genetic test sheet-generating approach,2004(35):590-594
[61]蒋芫,李健.计算机软件测试管理应用研究.湖南理工学院学报(自然科学版),2007,63(1):3-5