| With the rapid development of the information technology, especially the worldwide network interconnection, the application of the information sharing is extended and deepened increasingly. Various kinds of information-based systems have already become national infrastructure, but the security question closely bringing with application of the information system has also become outstanding increasingly. The security of information has already become the key of construction of information system. As a fast developing shipping enterprise, Shanghai Time Shipping (STS) has numerous affiliated shipping, scattered customers and widely covered enterprise MIS. The security problems met in the developing of enterprise MIS are the background of this paper. a whole set of feasible solutions of enterprise information system are put forward.The key of the security of the information system is to establish access control system preventing non-authority person accessing enterprise' s sensitive information. The modification model of Role-Based Access Control is put forward in the paper, which can confirm the authority according to the role and carry on the adjustment of the authority to concrete users. Users' identity authentication no longer adopts the traditional password way with lower security, but adopts authentication technology of the challenge responding type based on the electronic token. The security of system is improves by hardware mechanism.Nowdays, Public Key Infrastructure (PKI) is the core and emphasis of network security construction. The theory, content and achievement of PKI is introduced in the paper; the format of the digital certificate is analyzed; and an important application of PKI, SSL protocol is also introduced. On this basis, a whole solution of Certificate authority for small enterprises is introduced in the paper. Namely, the solution is the development of the TSCA(Time Shipping Certificate Authority)using source-code-opened algorithm library OpenSSL. TSCA provides the whole lifecycle management of certificate. The digital certificate issued by TSCA strongly supports all interior applications of enterprise, such as safe e-mail, safe web services and digital stamper, etc.The increasingly consummated Virtual Private NetWork (VPN) technology will be the mainstream of remote network security access technology. The VPN solution of STS is discussed in the last of the paper. |