摘要
分析了传统教务管理系统存在的安全问题,提出了基于Web的教务管理系统安全设计方案。从网络边界安全、身份鉴别与访问控制、入侵检测、数据加密、服务器安全、灾难备份与恢复等方面对系统进行全方位保护,并给出了整体设计架构。该方案能阻止非法用户的入侵,防止合法用户越权访问;同时,基于身份的加密方案确保数据在使用、存储、传输和处理过程中的机密性、可用性、完整性和不可抵赖性,克服了PKI机制公钥管理困难、成本高、效率低等不足。理论分析和实验结果表明,该方法是保证高校教务管理系统安全运行的一种有效解决方案。
The security problems of traditional educational administration systems(TEAS) were analyzed. In order to improve their security, a novel integrated solution was proposed. In which, network border protection, user identification and access control, intrusion detection, servers' security, and disaster recovery were presented or strengthened. So the invalid users can be held back, and the exceeding access of valid users can be prevented. At the same time, the new method of Identlty-Based Encryption(IBE) can ensure the confidentiality, integrality, usability and the undeniable-ness of the data during the processes of storage, transmission, processing, and so on. As a result, the shortages of PKI, such as the difficulty in managing the public keys, high costs, and low performance can be overcome. Theoretical analysis and the experimental results show that it provides a good security solution to the field of MIS.
出处
《计算机应用》
CSCD
北大核心
2006年第5期1198-1201,共4页
journal of Computer Applications
基金
河南省科技厅科技攻关项目(0424220060)
河南省教育厅自然科学基金项目(2003520289)
关键词
网络安全
PKI/PMI
基于身份加密
教务管理系统
network security
PKI/PMI
Identity-Based Encryption (IBE)
educational administration system
