文档介绍：信息]二程大学硕+学位论文
摘要
J2EE安全技术为基于J2EE架构的应用系统提供了多种安全服务,但是,J2EE安全仍然存在一些不足之处。如J2EE安全体系结构中提供的基于角色的类级粗粒度访问控制已经不能满足当前企业级应用实际需求:J2EE规范定义的安全域范围内单点登录在使用中存在很多不便等。由此,本文针对J2EE安全体系结构、J2EE访问控制模型以及基于J2EE 的安全技术进行了深入地研究,重点从认证与授权、数据存储安全、数据传输安全等方面对J2EE安全技术进行了分析,并指出了J2EE安全中存在的一些不足。
在此研究的基础上,基于J2EE分层体系结构提出了一套可行的安全增强方案,同时给出了该方案的设计与部分实现。在增强方案的服务器端安全中,设计并实现了集中式认证架构CAA(Central Authentication Architecture),;建立了基于角色的实例级访问控制RBIAC(Role=based essContr01)模型,并进行了实现;其次,提出了一种实现用户多角色访闯系统的实现方法。最后安全增强方案在军队办公自动化信息平台得到了应用。
关键字;J2EE;安全技术;单点登录;访问控制
第v页
信息工程大学硕十学位论文
Abstract
11】c security technology based Oil J2EE provided a Iot of security service for the application based on J2EE ,J2EE security Still has SOlne example. The class-level acce踮control of J2EE c砸^meet the security requirements of application actually;’n圯SSO in the scope of the security domain defined in J2EE specification was this thesis carded on the analysis and research thoroughly on the J2EE security
architecture as well as the security technology based Oil J2EE authentication,
data storage security,data transmission security and the J2EE access control model;then points
out some weaknesses existing in the J2EE security.
On the basis of the research described above,the paper firstly proposes a feasible scheme for enhancing the security function ofJ2EE,and pletes the design and realization ofthis the side of server of the scheme,CAA which does not use the Cookie mechanism realizes)he SSO and the central authentication (Role-based Instance-level
Access Contr01)model is designed and realized which fulfill the iastance-level ?,efls control secondly,one kind ofsolution for user to visit application with multi-roles Was last (he secmity scheme was applied in the army's off3ce automation information platform.
Key words:J2EE;Security Technology;SSO;Access coiltrol
论文原创性声明和使用授权
本人声明所呈交的论文是我个人在导师指