System Security Middleware, J2ee-based Development Of Data Exchange

With the fast development of internet and information, there is much information data transmitting in the internet, which brings about severe security problem. Security is becoming the neckbottle of data interchange system for its complexity and high computing. And network topology is complexer and complexer. The demand of security in system is variety and ceaselessly extended. So there are the higher demands about integration, reliability, security and expansibility provided in security system.In this paper, we analyse the characteristics and advantages of middleware technology. For the security management of data in the data interchange system, an idea of security middleware independent of platform and system is put forward. The security middleware is designed based on J2EE architecture and EJB criterion. It uses the service form to encapsulate and provides the standard security service' interfaces for data interchange system. Thus the security middleware becomes a security platform shared by the data interchange systems. In the security middleware, we use some knowledge about hybrid cryptosystem, digital signature and so on. Then we implement the functions of identity authentication to each other, exchange of the session key, time-stamp authentication and data encryption. So the security middleware can protect confidentiality, authenticity, integrity and non-repudiation in data interchange system.