Security Technology Application On OA System

With the constant development of information technology, information networkinghas become commonplace in all trades and professions. While our government isvigorously constructing the government information network, the establishment andperfection of e-government system has become a great development strategy in theeconomic globalization. With the development of information work, OA (OfficeAutomation) system, as an important component of e-government, is more and morewidely used in all departments and organizations and more closely related to servicemanagement so that the information and data stored in and transmitted by the systemincrease by geometric progression. To ensure the stable operation of the OA systemand to protect the information resources in the system, we must strengthen thesecurity of OA system. Therefore, how to strengthen the safety control of OA systemhas become an urgent practical problem.The security of OA system may directly lead to the security, stability and reliabilityof government affairs information, playing a decisive role in the development ofinformation construction. One government office, based on the principle of“information security and application synchronizing the planning, designing andimplementation,” has constructed an OA system. The paper is to introduce thesecurity philosophy and application this government office has adopted in theconstruction of its OA system, and discuss how to apply various information securitytechnological means so as to realize the efficiency, safety and reliability of the OAsystem.To begin with， the paper will make a general analysis on the demand forsecurity of OA system, puts forward: this system should be implemented on the basisof the integration office performance, involving state secrets in strict accordance withthe relevant national standards for information systems design and development, inorder to reach level3ability level of information system security protection.In the next place, it introduces the over all architecture of information security of OA,which is divided into three parts, namely security infrastructure ensurance, safetydesign of the application system and the whole running system safety managementand safeguard, and for these three parts respectively formulate the correspondingsecurity measures, so as to realize the whole platform security. Paper focuses oninformation security technology in the " identity authentication","Access Control","safety audits" and other information security technology in the application system ofthe application. The “identity authentication” is a unified authentication platformbased system and it includes identity message creation and management, identifymethod and identity achievement module design;“access control”gives a designconcept about the separation of powers which consist of system manager, securityand auditor, and the technology of achievement contains security classification,access control granularity, subject and object classification and access authority;“Security audit” is mainly achieved through the audit log management, includingaudit information query, audit information transfer reminding and audit informationtransfer. On infrastructure security, the paper introduce the considerations of system in the design, facilities selection and equipments about the environmental security,network security, data security. Finally, the article report the case of system securitytesting, according to the test results, which gives the rectificatory suggestions of thesystem security vulnerabilities and risks.In the end, the author proposed several feelings for the application of security technology in OA system: firstly, the architecture design is very importantfor OA system; secondly, three problems including organization, system andstaff should be solved for information security management; finally, thedevelopment of information security should be coordinate with the application ofinformatization.