面子

经过很多个月默默地测试，以及今天对好朋友连接上的抽查，发现SPACE的速度实在是太慢了，不管是学校里的网络还是家里的网络，不管是电信还是网通，不管是杭州还是苏州，今天抽查的SPACE空间里面，居然只有DUAL一个人的空间是可以看全东西的，其他同志的SPACE真是惨，几乎看不全东西。同志们啊同志们，在SPACE的赶快搬吧
我搬OPERA去了http://my.opera.com/willhunting/blog/
简单的东西一定不会出错的，嗯

我想出壳

ＡＴＴ

　　在家几日却也没有好好看几场球。６月１５在校网终于看全了英格兰和兔八哥的比赛。这一场前８０分钟踢得我差点咬被单，绅士英格兰白白浪费了很多机会。最后进的两个球意料之外，情理之中，几乎都不对英格兰抱多大希望了，这么不紧不慢的态度……对兔八哥，不禁心存景仰，特别是约克，虽然动作ＷＳ了一点……

　　四年前的世界杯，我躲在学校给我一个人的实验室里看比赛，１０天以后就要决定是否有资格进入ＩＢＯ的省内决赛，决定是否能免考试入大学的命运。而谁能想到四年后的我是怎样的呢？

　　四年后……

　　周六世界杯开始的时候,我在上海广西招待所卸下疲惫的行装。心里对第二天对施耐得的霸王面充满了绝望和希望。这是我第二次孤身去外地，幸亏lightyear帮助，这样不计回报的帮助真是令我对白羊座的景仰又增加许多……否则我真的不知道是否可以在２４点前找到一个过夜的地方。地图，车次，甚至最后离开上海追地铁的车票……越是这样越是觉得不知道如何表示我的感谢和惭愧，希望好人永远平安和幸福。不知道siwu是什么座的……莫非也是白羊座的活雷峰？

　　上海一行，长了许多见识，不管是车上认识的两个做ＩＴ行业的研究生关于选择职业的探讨，还是施耐得极其精彩的群面，不管是喧嚣的徐家汇之中唯一一块净土——南丹路上天文研究所，还是地铁里抱栀子花的男孩。关于路上的每一个细节我多么想流水帐一样记录下来。也许我该给每一片小记忆留一个特殊的位置，回杭的时候，我用面试的时候一个交大姐姐送我的圆珠笔，向周座的一对情侣借了他们新饭盒里的商标纸在火车上一点一点地记录下来。我的心里有一千个一万个字，多么想急切地吐出来！

　　世界杯的第一天，也是我出征的第一天，我觉得这宝贵的一天比我这一个月的收获更丰富！

　　１６号走出到徐家汇的地铁，竟然接到了一个创管班企业平台同学的电话，我的第一个实习ＯＦＦＥＲ就这样拿到了！果然机会无处不在，只是要自己积极争取，这个原来给创管班的人的机会，竟然就这样给了我。虽然不是一个好ＯＦＦＥＲ，但是比来学校招收实习生的那些单位强多了，今天下午去接见了ＨＲ姐姐，至少比处女面的那个做ＳＰ的强很多。siwu师兄说得对，充分的准备很重要。我觉得自己正在向四个方向进步

1,积极的态度

我开始明白：我对别人的态度决定了别人对我的态度，如果我是积极地充分的准备，积极地争取，同样可以获得对方热情和友好的态度。我开始不怕霸王面。

2,细节的作用

写在４里面

3,概括的条理

siwu师兄说我说话有冗余信息，确实是这样，我发现在面对面交流中自己能逐渐做到概括和简练，这可是我多年来的陋习啊

联想是我的下半场，够了，我想结束这场一个月的比赛。

因为在实习生宣讲会上顺着老总的意思介绍了自己，刚好时逢世界杯，自己的名字又是和英超一个发音，不记忆深刻才怪了（这还是第一次大言不惭地当众自我介绍，真奇怪为什么别人不介绍自己呢），也许是直觉告诉我这其中有机会，抓了这个细节，竟然老总当场就同意给我加笔试机会－－b

心诚则灵，我终于又进一步要到了面试的机会，笔试的硬件部分因为考过ＡＭＤ硬件认证和充分的对企业文化的准备（感谢siwu师兄啊）做得不会差，后面两个叙述题把自己描画成了具备各种联想需求的神仙＠＠．面试觉得应变得还不错，真的认真准备了自我介绍反而问题换了，自我感觉回答条理清晰．３７选１０，希望还是有的……尤其是看了别人做的试卷和简历……当然高人一定是有的～

我累了，随时准备扔了到手ＯＦＦＥＲ，期待联想垂青，换ＯＦＦＥＲ，看到了施耐德面试中和牛人的差距（不过我觉得自己发挥得不错，一定不是最差的），不管有没录取，经验攒下了，暑假过后，也许跑得更快。

 

期末加油，ＷＩＬＬ

 

 

最近和英语的缘分还真是不赖。

写了一份英文简历花了Ｎ久的时间，主要是很多专业的名词，格式基本不懂，一顿查～其中的一句两句还请教了Ｎ个人～

然后第一次从大哥那里ＲＯＢ了一篇ＰＡＰＥＲ翻译了一下午挤出两页，后面实在不想翻译了，一篇关于信息安全的论文一共７页，偷偷地插个嘴，其实这ＰＡＰＥＲ前两页也挺水的。

恩，路过的有兴趣的帮忙拨乱反正一下吧。

 

Abstract
This paper considers the design of a security modelfor mobile agent based computing systems. The security model proposes the notion of a security enhanced agent that captnres a variety of security information needed in the provision of security services. It defines the privileges of the agent required to perform the actions, the rights that other principals can have over the agent as well as delegation of privileges. The security model identifies security management and policy base components in agent enabled hosts which interpret the privileges and rights of agents and enforce the security controls.

1. Introduction
Mobile code systems are becoming increasingly significant and mobile agent technology has a lot to offer towards achieving the vision of usable distributed systems in a heterogeneous open network environment.. The interest in code mobility has been raised mainly by a new family of programming languages that have recently emerged from the developments on the Internet.

 

The basic principle hehmd these languages has been toovercome the limitations of the client-serverparadigm using the notion of code mobility. Mobile code paradigms allow migration of code describing the service and possibly the associated state of execution to a different host. There are different types of mobile code paradigms such as code on demand,remote evaluation and mobile agent. The term “mobile agents” is an overused term at present with a variety of definitions ranging from autonomous agents to intelligent agents to co-operating and collaborating agents. Also there are different design choices as to which components migrate when a mobile agent moves. For instance, in Java [I] only program codes migrate whereas in Obliq [Z] closures consisting of program code along with the environment that binds variables to values or memory locations also migrate. In this paper, we will use the term mobile agent to refer to program codes along with the state containing data variables and its values along with program counter and recursion stack. In a client server based distributed system, when a request for a certain senice is received by one principal from another, the receiving principal
essentially needs to address two questions. Firstly, is the requesting principal the one it claims to be? Secondly, does the requesting principal have appropriate privileges for the requested service? These two questions relate to the issues of authentication and authorisation. There are also other security concerns such as auditing, secure communication, availability and accountability.

When it comes to mobile agents, the security issues become further complicated. There are some security issues that are specific to a mobile agent system.These include the protection of host against theagents, the protection of agents from each other, theprotection of the agent from the host and theprotection of the underlying network. There have been some work such as [3] that address the first two aspects. The Java sandbox security [4] has for instance enabled developers to make some progresstoward solving rogue agent problem. However there
is not a clear solution at present to tackle the problemof an agent being attacked by the host computer. Inparticular, there has not been much work ondeveloping an overall security model for mobileagent based systems. Furthermore, the “weakest link problem” of security isexasperated by mobile agent technology. For instance, when an agent migrates
from a server in one company to another, the security is only as good as the weakest agent sewer againstthe strongest rogue agent.

In this paper, we consider the design of a security model for mobile agent based computing systems.The paper is organized as follows. Section 2 outlines an agent environment and describes a security model for mobile agents. It proposes a security enhanced agent and describes its structure and the function of each of its elements. The security management
components required in the model are also described. Section 3 briefly describes the system operation interms of creation of security enhanced agents and their migration between hosts.

2. A Security Model for Agents
2.1 Secure Agent Environment
In our system agents are created by principals and are sent from one machine or host to another to perfonn certain tasks. The agents are executed by agent interpreters on a host and we will refer to the agentexecution environment as the agent server. We willassume that there is a single agent server running on a host. The agent migration in our system involves both the transfer of program code as well as data. The agent is considered to be autonomous as it has itsown thread of execution after amving at a host.

A security framework for mobile agents might provide security services such as authentication of the sender and creator of the mobile agent, protecting the integrity of the mobile code, securing the confidentiality of the mobile agent during transfer,privilege based authorization of mobile agents and non-repudiation of mobile agents’ actions. In achieving this, the difficult  challenges lie in the protection of the agent against illegal tampering by the agent server in the remote host. Recently, though there have been several works addressing aspects of mobile agent security (see for instance [5,6,7,81),several challenges and open issues remain and there
is not yet a comprehensive security framework for mobile agent security. The aim of this paper is to consider the design of a security model that contributes to the development of an overall security framework for mobile agents; in particular, we
consider a security model that allows authentication
of agents by the target objects, privilege based
authorization of agents, privacy and integrity of
agents in communications.

We assume that each agent enabled host has a trusted security management component which is concerned with the security of the host and its execution environments. We refer to this component as the principal SMC (Security Management Component). The identity of the execution environments in the host is same as the identity of the host (e.g. the URL)
along with an appropriate qualifier if there are more than one execution environments within the host. An agent has a unique identity which is independent of the execution environment of a host. Agents communicate via messages. The collection of hosts which obey the same security policies are grouped together in a domain. Each domain has a security authority referred to as the Security Management Authority (SMA). The SMA principal interacts with the SMCs in the domain in the establishment and maintenance of security policies within the domain; it
interacts with SMAs of other domains in interdomain situations. In practice, we envisage SMA’s role to include some of the functions of a Certification Authority.

Consider the situation where an agent anives at a host and runs within the execution environment offered by the host. When the agent is run within a host, the SMC principal is used to determine whether a certain requested action can be allowed or not. The security policy within the SMC specifies the conditions under which a request is granted. The policy can be based on the identity of the principal which created the agent in the first place, the principal which sent the agent, on the characteristics of the agent itself such as identity and the level of
trust associated with it as well as the state of the target. For instance, an agent Agent-C created by Bank-A sent by Customer-C-of-Bank-A can withdraw money from account of Customer-C if state of the account meets certain conditions (e.g. > 0).

Let us now consider a slightly different situation whereby the agent dispatched by a principal is a “security enhanced agent” (SeA) in that it encapsulates within itself not only the actions but also some of the privileges and other security characteristics that are required to perform these
actions. That is, a part of the security information has been incorporated within the agent. Recall that the security management components (SMC and SMA) were the guardians of such security policy information. Now some relevant part of security information required by the policy in making the decision is encapsulated within the security enhanced agent. Such a security enhanced agent based authorization model has characteristics of both the traditional access control list and capabilities. As such the agent contains information such as the privileges of the client principal and the target server SMC contains security policy information such as the what actions that an agent with a privilege can perform and under what conditions; both of these
information are used to determine whether an access is granted or not. However, SeAs are not static data structures but are themselves aclive agents. These agents can contain within them intelligence which can be used to m&e dynamic decisions.

 

摘要：
这篇论文主要论述设计计算机系统移动代理的安全模式。这种安全模型提出了一种在提供安全服务中能捕获多种所需安全信息的增强型安全代理的概念。它定义了在这种行动中代理的特权，以及其他principal能够拥有的比代理更高级的权利委任权利。这个安全模型能在支持代理的主机上区分安操作和安全基础政策的，阐述了代理的优先权和应有权利，加强了安全控制。
1，说明
移动编码系统变得越来越重要，移动代理技术对实现在开放网络环境下不同种类有用的分布式系统有意义重大。现在，由一种新的编程语言引导的对动态编码的兴趣正在蓬勃发展的互联网上兴起。这种程序语言基本的规则已经超越了客户和服务器模式主张的编码灵活性限制。动态编码允许描述服务的代码迁移并使得另一台主机接上联合执行模块成为可能。移动代码的种类有很多，比如查询代码，remote evaluation和移动代理。移动代理是一个使用过度的术语，现在有很多种意思，范围涵盖了自治代理、智能代理、合营代理和合作代理。在移动代理移动的时候关于代码迁移设计的选择也有很多种类。比如用JAVA的时候尽管……只有程序代码迁移。在这篇论文里，我将用移动代理这个术语表示伴随着含有可变数据结构体的程序代码和伴随着程序指针和递归栈的程序代码的值。

在一个以分布式系统为基础的客户服务器中，当一个principal从另一个principal那里收到某个确定的服务需求时，这个正在接收请求的principal实际上需要解决两个问题。首先，这个正在发出请求的principal是不是如同它自己声称的（系统角色？）；其次，这个发出请求的principal有没有请求服务的权利？这两个问题与事件结果的证明和批准有关系。还有其他的一些安全考虑，比如有效果和可说明的审核、安全通信。提到安全代理的时候，安全问题变得更加复杂了。有一些安全问题对安全代理系统有特别的效果，包括主机和代理们的信息隔离，代理和代理之间的信息隔离，代理和主机之间的信息隔离以及underlying网络的信息隔离。现在前两类问题已经有一些工作在着手。比如，JAVA的sandbox安全系统已经能让开发者在解决欺诈代理的问题上有进展。然而现在没有一个明确的解决办法能解决主机攻击代理的问题。特别是对于基于移动代理的系统，还没有完全安全的模型。此外移动代理技术激发了安全“最弱关联问题”。比如，当一个代理从一个服务公司转移到另一个服务公司时的安全性就如同一个最弱安全的代理和最强壮的欺诈代理之间的矛盾。

在这篇论文中，我们主要论述设计计算机系统移动代理的安全模式。这篇论文的组成如下。第2部分略述了一般代理环境，描述了代理的安全模型。它提出了一种增强安全代理并且描述了其中每一个元素的结构和功能。也描述了模型中需要的安全管理要素。第三部分简单描述了创新增强型安全代理组成的系统运行和安全代理和主机之间的迁移。

1代理安全模型
2.1安全代理环境
在我们的系统中代理被principal创建并且从一个机器或者主机传到一个机器或者主机完成确定的任务.代理被主机上的源代理解释生成,我们将把执行环境称为代理服务器.我们将假设主机上只运行着一个简单的源代理.在我们的系统中代理迁移包括程序编码和数据的传输。代理到达主机的时候它按照自己的方法执行，就像是自治的。

一个安全的移动代理框架应到包括安全服务，比如鉴定发送和创建移动代理的人，保护移动代码的完整性，在传输的时候保证移动代理的安全机密性，移动代理许可的特权和移动代理的无效行为。要实现以上这些挑战的困难，在于保护代理不被在遥远主机上的代理服务器非法干预。最近，虽然做了若干移动代理安全工作（见5678例）仍然存在一些挑战和公开的问题，现在移动安全代理还是没有全面的安全框架。这篇论文的主要目的就是考虑设计一个对全面安全框架设计发展有贡献的安全移动代理模型。特别是我们考虑一个代理能被目标物体鉴别的安全模型，基于被代理授权，在通信中保持秘密和完整。

我们假设每个代理使主机有一个可以信任的安全操纵成分，它和主机的安全和执行环境有关系。我们把这个成份称为SMC。如果在主机里有多于一个的执行环境，主机执行环境的身份和伴随着合适限定条件的主机身份是一样的。一个代理有一个和主机执行环境相对独立的唯一的身份。代理之间通过信息联系。在某个范围中主机的collection遵守一批一样的安全政策。每一个范围都有安全的权威比如SMA。SMA principal和SMC 确立和维持安全政策，在这个范围里相互作用。它和其他范围的SMAS 在inter-domain 情况下相互作用。实践中我们认为SMA是包括了一些权威证明功能的角色。

考虑这样的情形，当一个代理到达主机并且在主机给的执行环境下工作，当代理在主机（执行环境）中工作的时候，SMC principal通常确认某个确定的行为是否被允许执行。在SMC里的安全政策指定了需求被同意的条件。这种安全政策首先可以基于创建代理的principal的身份，send代理的principal的身份，代理本身的特性和被相信程度的等级和目标的状态。比如如果出现这样的情况，一个代理C被银行A创建，银行A是被C作为消费者send的，那么代理C可以收回在消费者C帐户上的钱。

我们现在考虑一个有一点不同的情况。既然它不仅压缩了自己的行为、特权，还有其他需要完成行为的安全特性，为什么被principal派遣的代理是一个“增强安全的代理”。这样的意思是说，一部分的安全信息已经被代理合成了一体。回顾SMC和SMA，他们是安全信息政策的守护者。现在，在政策决定一些相关部分的安全信息在安全增强代理中被压缩了。这样基于授权模型的安全增强代理有传统存取控制目录和容量的特性。这样代理有含有客户principal的特权信息，目标服务器SMC含有安全政策信息比如在什么情况下一个有某特权的代理应该做什么。这些信息被用来确定一个进程是否被允许。然而，SMAS 不是静态数据结构，他们本身是动态的代理。这些代理可以含有智能，做动态的决定。

 

　　答辩被安排在最后一组，估计是２点开始吧，去得早了点～

 

　　正在愤怒在如今的青少年同志都喜欢言而无信的时候，偏偏又传来某个要考Ｇ的同志又要缺席答辩的事实．掐指算算，从ＺＪＧ到ＹＱ来去各一小时，答辩最差估计１小时，不过就三小时而已．反复重申对方始终还是不肯来，正要爆发～不知道怎么想了想开始发巨长巨长的短信．表达当代愤青对责任感和诚信度的质疑

 

　也许段段说得对，我这个人虽然直爽，属于路见不平比拔刀相助型。有时候可能容易伤人。不过直爽也有直爽的好处，只要再加一句原谅我的直爽：）接连两次６条短信抒发完毕后，大概是我的真诚感动了苍天终于把某组员拉到ＹＱ。当时把我自己也感动了一把：）

 

　　答辩很搞笑，基于每个人都喜欢迟到，我们这个最后的组终于被同意提前答辩，前有两个不知道做什么服务平台网站的，一个调试电路半小时忽然电路故障以至于不能演示的．．．一个答辩了半天却不能被老师理解郁闷的（做的也是水声，最后老师提问的时候好象在吵架一样）终于到我了，由于后面软件部分没做，只好临时让ＳＫＡＴＯＵ赶了个流程图忽悠了一下，经过一阵忽悠，总算是结题了。实际上指导老师还没给意见呢。虽然最后成绩是良好，感觉很宽了。不过这个ＳＲＴＰ确实因为蒲公英一直耽搁了下来，自己觉得最后做得实在很不满意，希望以后有能力自己再把事情做完整吧！

 

　　这样下来对ＳＲＴＰ的水分也知道分量了。最后凡是焊了电路板的都是优秀，因为至少有成品。其实就我看再高深的题目，或许其应用价值也是０，很多人立项的时候根本不知道要做什么，比如我知道的几个有电路板的组。而评价的老师其实也不是很专业的，看得觉得有点意思就给个通过的分。

ＳＲＴＰ在我心目中的神圣形象基本上已经毁了。

 

失败了...

我不紧张,可是我很呆- -b