| As the comprehensive application of information and Internet technology security of information system faces great threat. How to deal with these security problems becomes a key matter to us. Especially to the systems based on Web application security is very important which involves identity authentication, access control, data protection and so on. Nowadays these problems are very hot in the fields of network security. This thesis begins with the problems which a practical information system faces, discusses how to deal with overall information security problems through several views and several layers, and gives us a special and overall scheme based on security technology and method . it concludes problems of design principal, integrated structure, integrated framework, function module and so on. As to the problems of application layer, we design a layered structure to design and implement. Especial to the key problems such as identity authentication, access control and data protection, we give a whole design scheme and implement method to illuminate it. During the implementation of identity authentication and access control system, it brings out several key technologies such as dynamic permission control, dynamic constraint. At the end we adopt three layers structure: data layer, logic layer, presentation layer to carry out the system, and we integrate security theory with ASP.NET technology. This design and implementation will become useful to other systems based on Web application.
|
PDF Full Text Request