摘要
随着我国军队信息化建设过程的不断深入,军队内部所用的软件系统也将越来越多。尽管这些系统关注于不同的领域,但相互之间在功能上有相互交叉和连接的地方,系统间的“集成”最终将成为一个大问题,跨系统的应用也将成为巨大的困难。随着部队应用需求的不断增加,如何检索这些放置于不同地方、以不同语义和格式存储的数据信息,为信息检索者提供统一、一致的访问接口,从而消除“信息孤岛”,这是当前军队信息化建设亟待解决的问题。
针对该现状,本文主要的研究内容如下:
1)在当前主流的异构数据源集成方案中选择适合军队使用的集成技术,并完成集成框架具体设计。
2)研究并制定所使用的公共数据模型,设计项目使用的各种数据模式。
3)查询分解技术是项目的重点内容,对其进行研究并在项目中加以实施。
4)各种安全机制的研究,选择项目的访问控制策略。
本课题在分析异构数据源集成系统基本框架结构的基础上,提出并建立了一个基于全局数据模式的异构数据源集成体系结构,采用XML-Schema定义的集成数据模型作为集成系统的公共数据模型。课题中关于元数据库的设计完成了模式之间的映射,并采用XQuery作为全局查询语言,依据查询分解算法完成数据的检索。同时,采用轻量级基于角色的访问控制策略提高系统的整体安全性。主要包括:
1.异构数据源集成系统总体框架设计
在研究当前国内外异构数据源集成框架的基础上,针对军事应用的特殊性,研究适合军队使用的集成框架。在确保系统正常运行的基础上,提高系统的整体强健性和安全性,同时提高系统运行的效率。
2.基于XML-Schema构建系统的集成数据模型
使用XML-Schema,同时参考GML(地理标记语言)的设计理念,构建了满足当前军事项目使用需求的全局数据模型,并建立了全局数据与局部数据源之间的映射关系。
3.查询分解的研究与实现
查询处理是异构数据源集成系统的关键技术之一,查询分解、查询调度和查询优化是查询处理的核心内容。课题应用XML作为中间媒介,通过研究XQuery查询语言的特点,决定采用其作为全局查询语言,并给出查询处理的整个流程。系统实现了对多数据源的混合查询,并将检索结果进行整合返回,使应用通过统一、方便、多样的查询方式,输入检索查询条件进行查询,就可以得到所需数据,而不必关心各个局部数据源本身的差异。
4.安全机制的制定
针对军事应用的安全性要求,研究了基于角色的访问控制(Role Based AccessControl,RBAC)策略,并在实际项目中通过在元数据库中增加角色库、用户库,同时在两者之间制定映射关系,完成了轻量级访问控制策略的实施。这样,确保对数据源信息的安全访问,满足了当前的安全需求。
该框架结合XML Schema设计全局数据模型,并使用XQuery作为全局数据查询语言,包装器对其做本地查询语言的转换,屏蔽底层数据源的局部异构性,可以集成包括关系数据库系统、文件系统、Web信息系统等多种异构系统中的数据。采用元数据映射技术,完成全局、本地数据的透明转换。通过集成基于角色的访问控制策略,提高系统整体安全性。该方案较好解决军事应用的异构数据源集成问题,实现信息的共享和统一访问。
With the development of China's military information construction, the software system used in the Army will be more and more. Although these systems focus on different areas, there are functional and cross-cutting links. The systems "integration" will eventually become a major problem, and cross-system applications will be enormous difficulties. With the increased demands of the Army's application, how to search them and provide a unified, consistent interface, thereby eliminating the "islands of information", which become a difficult problem in the informationization of the military.
The main studies as follows:
1) Select the integration technologies in the current mainstream of Heterogeneous Data Source Integration Programs, and complete integration framework design.
2) To study and develop the public data model and the data schema.
3) Inquiry decomposition technology is the key component, and its study of the project to be implemented.
4) To study the security mechanisms, and to select the access control strategy.
By analyzing the Heterogeneous Data Source Integration System basic framework, the project establishes the Heterogeneous Data Source Integration Architecture which bases on the global data schema. It uses XML-Schema definition of integrated data model as the Integrated System of a public data model. On the topic of meta-database design, it completes the schema mapping, and using XQuery as the global query language. And it retrieves data using the inquiries decomposition algorithm. Meanwhile, the project uses lightweight role-based access control strategies to improve the overall system security. It mainly includes:
1. The framework design of Heterogeneous Data Source Integration
On the basis of current domestic and foreign Heterogeneous Data Source Integration Framework, we study the integration framework which addresses the special nature of military applications. In ensuring the normal operation of the system on the basis of improving the overall system robustness and security, while improving the efficiency of the system.
2. Building integrated data schema of the system based on XML-Schema
We establish the Global Data Schema to meet the current demands of military projects. This global data schema uses XML-Schema and references the design concepts of GML (Geography Markup Language). The project establishes the mapping between the global data and local data sources.
3. Research and Implementation of the query decomposition
The Query process is one of the critical technologies in the heterogeneous data integration system. Query decomposition, as well as query scheduling and query optimization is the current core content. The project decides to adopt XQuery as the global query language through research XQuery language features, and this paper provides the entire inquiry process. While shielding the differences of local data sources, the system completes mixed inquiries in multiple data sources.
4. Security mechanism of the system
Against safety requirements of military application, this paper researches the Role-Based Access Control (Role Based Access Control, RBAC) strategy, and completes the lightweight access control strategy in the actual project. It uses the meta-database to increase the role, the user, and adds mappings between them. This ensures the information security of data source and meets the present security needs.
The framework uses XML Schema as global data schema, XQuery as a global data query language and wrapper for translating local query language. This masks heterogeneity of local data sources. The system can integrate different data including relational database systems, file systems, the Web information system and others. Depending on the metadata mapping technology, it can complete data translation. The framework further improves overall security through combine role-based access control strategy.
引文
[1] 孙海成,季士东.军队信息化概念、目标及基础要素.中国信息界,2006,(05)
[2] 杨学义.我国军队信息化建设的战略选择.西安财经学院学报,2006,(01)
[3] 肖木,晓涵.企业直面信息孤岛.中国计算机用户,2002,(18)
[4] 乐鑫喜,刘清.异构数据库集成系统的设计与实现[J].计算机工程与应用,2005,(27).
[5] Extensible Markup Language (XML) 1.0 (Second Edition) [EB/OL]. Recommendation 6 October 2000. http://www.w3.org/TR/REC-xml. 2001.6.
[6] DidierMartin etc, Professional XML, 机械工业出版社,2001.9
[7] Asai T, Abe K, Kawasoe S, et al. Efficient Substructure Discovery from Large Semi-structured Data. Proc. Second SIAM International Conference on Data Mining 2002 (SDM'02), SIAM, 2002:158-174
[8] Hazem T. EL-Khatib, Howard Williams, David H. Matwick, et al. Using a Distributed Approach to Retrieve and Integrate Information from Heterogeneous Distributed Databases[J]. The Computer Journal, 2002, 45(4): 381-394
[9] 杨宏英,林长松.异构数据集成系统的应用模式与技术实现[J].微电子学与计算机,2006,(23)
[10] D. Hsiao. Tutorial on Federated Databases and Systems[J]. The VLDB Journal, 1992,1(1): 127-179
[11] 李贺,王平,毕强.基于数据仓库的决策支持系统结构分析[J]情报学报,2000,(05)
[12] 方俊,虎崇林,韩燕波.一个基于中介机制的动态数据集成框架[J].计算机科学,2003,30(10 A):259-262
[13] D Floresu, A Levy, A Mendelzon Database techniques for the World-Wide Web.A Surver ACM SIGMOD Record. 1998,27(3)
[14] XML Schema, W3 C Recommendation[EB/OL]. 2 May 2001, http://www.w3.org/XML/Schema,2001-09.
[15] World Wide Web Consortium XQuery1.0: An XML Query Language [EB/OL]. http://www.w3.org/TR/xquery/
[16] 曹磊,吕良双.基于角色的轻量级访问控制系统的研究[J].计算机应用,2006,(02).
[17] Simon Cox,Patti Daisey, Ron Lake,etc.OpenGIS Geography Markup Language(GML) Implementation Specification. Version 3.00 [R]. Open GIS Consortium, Inc.2003
[18] 高明,宋瀚涛.异构数据源集成应用模型及其查询处理方法[J].计算机工程,2003,(15).
[19] Sandhu RS, Coyne E J, Peinstein H, Youman C E. Role-based access control models[J]. IEEE Computer, 1996, 29(2):38-47.
[20] 张世明,杨寅春.基于角色的访问控制技术在大型系统中的应用[J].计算机工程与设计,2006,(19)
[21] 姚卿达,张耕,邓豫.联邦数据库GD-MDBS的总体设计与模式集成[J]现代计算机,1998,(10).
[22] 徐永川.SGML、HTML与XML的比较[J]情报科学,2004,(01).
[23] Kay M.XSLT Programmer's Reference (2nd Edition Original)[M]. Wrox Press,2001.
[24] 王芳,李正凡.用SAX解析XML文档的实现方法[J].华东交通大学学报,2004,(01)
[25] 刘秋香,张永胜.对XPath,XLink和XPointer的分析研究[J].微机发展,2005,(10)
[26] 李华,刘修国.对XML的模式DTD和Schema的探讨[J].计算机与现代化,2003,(02)
[27] 张伟,苑迎春,王克俭.DTD与Schema简介[J].现代电子技术,2001,(06)
[28] 汪军,杨厚华,张庆芳.新型XML Schema书写规范[J].贵州工业大学学报(自然科学版),2003,(01)
[29] 金玉玲,陈培久,裘江南.XQuery——一种全新的XML查询语言[J].情报学报,2002,(04).
[30] 周宇,叶庆卫,王晓东.基于XML描述的EDI三层技术体系设计与构建[J]计算机工程,2003,(07).
[31] 段晓娟,徐长梅,孙宁.XPath技术的解析[J].计算机系统应用,2003,(09).
[32] Sylvia Osbom, Ravi Sandhu and Qamar Munawer, Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies, ACM Transactions on Information and System Securirty, Vol. 3, No.2, May 2000.
[33] Joon S.Park and Ravi Sandhu, Role-Based Access Control on the Web, ACM Transactions on Information and System Security, Vol.4, NO. 1, February 2001.
[34] 尹向东.SOAP及在Web服务中的实现[J]湖南科技学院学报,2005,(11).
[35] 曹蓟光,王申康.元数据管理策略的比较研究[J].计算机应用,2001,21(2):3-5
[36] 李瑞轩.异构信息集成中的查询处理与优化研究[D].华中科技大学,2004
[37] 廖伟,廖湖声,任宇.基于XQuery的数据集成系统中的查询分解算法[J].通讯和计算机,2005,(2)
[38] 李瑞轩,卢正鼎,吴炜等.多数据库系统中查询分解算法的研究.小型微型计算机系统,2001,22(4):488-491
[39] Frasincar F, Houben GJ, Pau C. XAL: An algebra for XML query optimization. In: Zhou XF, ed. Proc. of the 13th Australasian Database Conf. (ADC 2002). Melbourne: Monash University, 2002.
[40] 李瑞轩,卢正鼎,吴炜等.一种异构数据集成中的动态查询优化方法.计算机工程与科学,2004,26(12):71-74,81
[41] 谢中科.数据库连接池技术及其应用研究[J]长沙理工大学学报,2005,(02).