| With the development of modern enterprises and information technology, the information held in enterprise systems is becoming increasingly large-scale and complex, and the system security situation has therefore become more serious. Every aspect of an enterprise application system can face security threats, and such systems need to protect their resources. At present, as enterprise application systems grow more complex, access control management of resources, authentication and authorization are becoming increasingly difficult. It is therefore important to develop a security framework for enterprise applications that is easy to use, easy to extend and easy to manage. This thesis is based on the RBAC model, the Acegi Security Framework and the structure of the existing UniEAP system, a universal enterprise application platform developed by Neusoft Group Ltd. The thesis begins with the security of the J2EE enterprise application platform, discusses how to deal with overall information security problems from several views and at several layers, and gives an overall scheme based on security technologies and methods. The security framework is divided into three parts: the multi-dimension organization structure, the authentication system and the authorization system. The thesis gives a concrete design and implementation for each of these parts. Because every enterprise has different requirements, the security framework is a basic framework that addresses only common security problems; at the same time, it is highly extensible. The design solution put forward by the thesis can reduce the complexity of authority management and strengthen system security. The design and implementation will also be useful to other enterprise application platforms and other enterprise applications. |