基于J2EE的安全技术研究-计算机应用技术专业论文.docxVIP

信息]二程大学硕+学位论文摘要 信息]二程大学硕+学位论文 摘要 J2EE安全技术为基于J2EE架构的应用系统提供了多种安全服务，但是，J2EE安全仍 然存在一些不足之处。如J2EE安全体系结构中提供的基于角色的类级粗粒度访问控制已 经不能满足当前企业级应用实际需求：J2EE规范定义的安全域范围内单点登录在使用中存 在很多不便等。由此，本文针对J2EE安全体系结构、J2EE访问控制模型以及基于J2EE 的安全技术进行了深入地研究，重点从认证与授权、数据存储安全、数据传输安全等方面 对J2EE安全技术进行了分析，并指出了J2EE安全中存在的一些不足。 在此研究的基础上，基于J2EE分层体系结构提出了一套可行的安全增强方案，同时 给出了该方案的设计与部分实现。在增强方案的服务器端安全中，设计并实现了集中式认 证架构CAA(Central Authentication Architecture)，CAb．在不使用Cookie机制的情况下实 现了单点登录和集中认证功能；建立了基于角色的实例级访问控制RBIAC(Role=based InstanceqevelAccessContr01)模型，并进行了实现；其次，提出了一种实现用户多角色访 闯系统的实现方法。最后安全增强方案在军队办公自动化信息平台得到了应用。 关键字；J2EE；安全技术；单点登录；访问控制 第v页 信息工程大学硕十学位论文Abstract 信息工程大学硕十学位论文 Abstract 11】c security technology based Oil J2EE provided a Iot of security service for the application based on J2EE architecture．However,J2EE security Still has SOlne deficiencies．For example． The class-level acce踮control of J2EE c砸^meet the security requirements of application actually；’n圯SSO in the scope of the security domain defined in J2EE specification was inconvenient．So this thesis carded on the analysis and research thoroughly on the J2EE security architecture as well as the security technology based Oil J2髓．especially J2EE authentication, data storage security,data transmission security and the J2EE access control model；then points out some weaknesses existing in the J2EE security． On the basis of the research described above，the paper firstly proposes a feasible scheme for enhancing the security function ofJ2EE，and then completes the design and realization ofthis scheme．In the side of server of the scheme,CAA which does not use the Cookie mechanism realizes)he SSO and the central authentication function．11把RB认C(Role-based Instance-level Access Contr01)model is designed and realized which fulfill the iastance-level ac．A?,efls control secondly,one kind ofsolution for user to visit application with multi-roles Was proposed．At last (he secmity scheme was applied in the armys off3ce automation information platform． Key words：J2EE；Security Technology