计算机在线考试统的安全漏洞及对策.doc

在线考试系统的安全漏洞及对策 总计毕业论文页指导教师：完成日期：摘要 随着网络技术的飞速发展，现在很多国外的大学和社会其他部门都已经开设了远程教育，通过计算机网络实现异地教育和培训。现在，计算机硬件技术的发展已经达到了相当高的水平。但是，远程教育软件的开发目前还处于起步阶段，随着这项技术的不断深入发展，就要求有更好、更完善的软件系统应用到远程教育当中去，ASP 中，ASP 以其开发周期短、存取数据简单、运行速度快而成为众多web 程序员的首选开发技术．但由于开发手段的直观、快速和高效，也带来了一定的安全隐患。数据库是的基础，通常都保存着重要的信息。大多数的电子数据都保存在各种数据库中，他们用这些数据库保存一些个人资料，比如等。数据库服务器还掌握着敏感的数据包括和数据完整性和合法存取会受到很多方面的安全威胁，包括密码策略、系统后门、数据库操作以及本身的安全方案。但是数据库通常没有象操作系统和网络这样在安全性上受到重视。Web 的信息系统最常用的ASP＋SQL Server 2000为例，探讨在线考试系统中可能存在的安全隐患，并给出相应的建议。 关键词：ASP；SQL Server 2000；安全漏洞；对策 ABSTRACT Flying technically along with the network to develop soon, the university of now a lot of abroad all have set up with the social other section the long range educates, passing the calculator network realizes foreign land education with train. Now, the technical development in hardware in calculator has come to a very high horizontal. But, the long range educate the development of the software to still be placed in the stage in start now, along with this technical continuously thorough development, will beg the better and more perfect software system apply to the long range the education center go to, face to now the network plait distance, database visit in various techniques, for example in the JSP, PHP, ASP, ASP with its development cycle short, access data simple, run - time velocity quick and become the head of numerous the member of web procedures chooses to develop the technique. but because of development the means keeps the view, fleetness with efficiently, also brought the certainly safe hidden trouble. The database is the foundation of the on-line examination system, usually all keeping the important information. Educate the section to keep with the electron data of the school all mostly in every kind of database, they keep the some personal data with these databases, for example student score etc. The on-line examination system database server still controls the impressionable data, including the time of the examination with the subject of exam