【正文】 tive mechanism.Security mechanism such access control and cryptography can strengthen intrusion tolerance function by protecting accidental or intentional attack. Adaptive mechanism using bandwidth management or redundancy management can support intrusion tolerance function by adapting a change of system state. In this paper, we have implemented intrusion tolerance system by separating application function using a variety of security mechanism and adaptive mechanism in middle ware. The proposed paper is as follows. We proposed intrusion tolerance security model for e Commerce system by analyzing security model and distributed object model of CORBA in section 2. Section 3 described the intrusion tolerance application for eCommerce system through the intrusion tolerance mechanism and strategy of implementation and extract the intrusion tolerance technology and implementation method. We have designed system analyses by intrusion tolerance security model and element technology and have confirmed the realization of application of intrusion tolerance using middleware type with developed intrusion tolerance module in Section 4. In section 5, the conclusion and issues are stated.2. Security Model of eCommerce System. Security Model for Distributed Object SystemThe software with distributed information system is posed of object that is connected with distributed in network. And object of client calls operation of object operating in remote to realized the function of application.[7]. The client object calls method of remote object such as local object. Object of proxy transfers remote method call to local ORB after marshaling. ORB transfers message call using IIOP message to remote ORB with servant object. Remote ORB transfers method call to skeleton operating unmarshaling and skeleton transfers message call to implemented object. The final results of operating method transfer the values by reverse. The distributed object model hides the plexity such as variety, patibility and heterogeneousness and shows the functional interface of ponent.CORBA distributed object system guarantees confidentiality of object, integrity and availability by using security mechanism based on policy in middleware. Security policy totally establishes group mechanism by using domain, privilege and usage authority. Security administrator involves object in domain and equally establishes security policy about group of objects. And security administrator executes usages the security policy on usage group by grouping with same privilege attributes. The method of object groups the methods by contributing same usage privilege and applies security policy on group. The distributed object security model is depicted in figure 1. Fig. 1. Security Model of Distributed Object System. Intrusion Tolerance Model of HACQIT SystemApplication systems that can sustain service against illegal intrusion or attacks by intruders with high levels of technique of penetrating the intrusion prevention system and intrusion detection system should be able to adjust to the change in status using the intrusion information from the security system and be able to switch into substitute servers or sites providing the same services.The intrusion tolerance system of HACQIT (Hierarchical Adaptive Control of Quality of service for Intrusion Tolerance), a US based DARPA project, is a representative security model that can easily be applied to the application systems. The HACQIT system is posed of the main server, duplicate server, firewall, controller and sandbox as shown in figure 2. User’s service request passes through the firewall and is delivered to the main server by a switch. The controller intercepts requested messages destined 。2002[29]. 陳嫻... [等]編著. . 中國鐵道出版社2006[25]. 王宏編著. C程序設(shè)計案例教程. 清華大學(xué)出版社. 人民郵電出版社2002[18]. 傅宇旭,龍浩,陳軍等編著. IIS 與 ASP 網(wǎng)站建設(shè). 科學(xué)出版社2008[14]. 詹英主編. 數(shù)據(jù)庫技術(shù)與應(yīng)用:SQL Server 2005教程. 清華大學(xué)出版社2003[10]. 張駿, 崔海波等編著. . 機械工業(yè)出版社2009 [6]. 張領(lǐng)等編著. . 清華大學(xué)出版社鑒于本人知識儲備淺薄，能力有限，而且又沒有豐富的軟件開發(fā)經(jīng)驗，因此在設(shè)計中會出現(xiàn)這樣或那樣的問題，還請各位老師批評指正，謝謝！參考文獻[1]．王小科, 呂雙等編著. C從入門到精通. 北京清華大學(xué)出版社 2008[2]. 趙博特著. 基于SOA的企業(yè)培訓(xùn)管理系統(tǒng)的設(shè)計與實現(xiàn). 北京郵電大學(xué)基于本系統(tǒng)所采用的開發(fā)環(huán)境，本系統(tǒng)還具有可以快速開發(fā)、易于維護等特點。企業(yè)培訓(xùn)擁有很多繁雜的環(huán)節(jié)，對這一流程的效果評價一直是主觀的，模糊的。對于不同顯示分辨率下也能夠正常顯示。點擊【考試編碼】超鏈接，進入考生成績詳細畫面考試名稱本次考試名稱考試總?cè)藬?shù)參加本次考試的總?cè)藬?shù)總分本次考試的試卷總分平均分本次考試的平均分及格率本次考試的及格率分數(shù)段統(tǒng)計點擊【分數(shù)段統(tǒng)計】圖標(biāo)，進入分數(shù)段統(tǒng)計畫面難易度統(tǒng)計點擊【難易度統(tǒng)計】圖標(biāo)，進入難易度統(tǒng)計畫面l 試題分析① 查詢條件設(shè)置（可組合設(shè)置查詢條件進行考試信息查詢）；② 點擊【查詢】按鈕，可以查詢到相應(yīng)的考試信息。表42 查詢條件說明名詞說明閱卷狀態(tài)每張試卷的批閱狀態(tài)，有已批閱、批閱中和未批閱三種，默認為全部表43 顯示結(jié)果說明名詞說明序號從1開始順序累加考試記錄編碼每位考生參加本次考試的唯一標(biāo)識閱卷狀態(tài)分已批閱、批閱中和未批閱三種操作點擊【批閱】，進入閱卷畫面批閱試卷主觀題l 試卷批閱① 參照參考答案，在得分框中給相應(yīng)的試題打分；② 點擊【保存】按鈕，保存打分。可以選擇其中一種來查詢對應(yīng)的考試信息，默認為全部表40 查詢結(jié)果說明名詞說明考試編碼每次考試的唯一標(biāo)識考試名稱本次考試名稱試卷名稱考試所使用的試卷名稱考試狀態(tài)本次考試的狀態(tài)，有發(fā)布、結(jié)卷和取消三種狀態(tài)分時考試本次考試是否分時，有“是”和“否”兩種狀態(tài)閱卷人閱卷人姓名創(chuàng)建者創(chuàng)建本次考試人姓名l 考試添加① 輸入基本信息；表41 基本信息說明名詞說明考試編碼每次考試的唯一標(biāo)識，不可編輯，點擊【確定】按鈕后自動生成考試名稱考試的名稱，最大可輸入500位試卷名稱不可編輯，點擊試卷名稱【參照】按鈕選中試卷名稱主觀題不可編輯，選擇的試卷若有主觀題，復(fù)選框被選中。l 試卷復(fù)制① 修改試卷信息和規(guī)則，參照隨機試卷添加；②點擊【生成樣卷】按鈕，查看修改后根據(jù)試卷規(guī)則生成的試題詳細信息；③點擊【確定】按鈕，添加試卷信息、試卷規(guī)則和試卷中試題信息。()=~^| {}[]`+。圖6 試題管理界面 試卷管理功能模塊l 試卷查詢① 輸入查詢條件；② 點擊【查詢】按鈕查詢試卷。表29 修改填空題信息說明名詞說明題干最大輸入長度為500位，可以進行超文本編輯 ，如下圖：點擊菜單欄最后一個控件，輸入的文本框個數(shù)必須在1到8之間內(nèi)容概述最大輸入長度為500位，必須輸入項要點分析對于本道試題的考察知識點的分析, 最大輸入長度為500位，可缺省參考答案必須輸入項，以|作為分隔符,每個答案項是必須入力項,最大輸入數(shù)為50位, 答案項的個數(shù)與題干中的文本框個數(shù)必須匹配表30 修改單選題信息說明名詞說明題干最大輸入長度為500位，可以進行超文本編輯選項內(nèi)容最大輸入長度為600位，可以進行超文本編輯，選項內(nèi)容不可以隔行輸入內(nèi)容概述最大輸入長度為500位，必須輸入項要點分析本道試題的考察知識點的分析, 最大輸入長度為500位，可缺省試題答案必須輸入項，正確答案對應(yīng)的選項不能為空表31 修改多選題信息說明名詞說明題干最大輸入長度為500位，可以進行超文本編輯選項內(nèi)容可以進行超文本編輯，選項內(nèi)容不可以隔行輸入內(nèi)容概述最大輸入長度為500位，必須輸入項要點分析本道試題的考察知識點的分析, 最大輸入長度為500位，可缺省試題答案必須輸入項，正確答案對應(yīng)的選項不能為空表32 修改判斷題信息說明名詞說明題干最大輸入長度為500位，可以進行超文本編輯內(nèi)容概述最大輸入長度為500位，必須輸入項要點分析最大輸入長度為500位，對于本道試題的考察知識點的分析,可缺省試題答案必須輸入項，正確答案對應(yīng)的選項不能為空表33 修改簡答題信息說明名詞說明題干最大輸入長度為500位，可以進行超文本編輯內(nèi)容概述必須輸入項, 最大輸