摘要
描述了基于Java认证与授权服务和Struts程序开发框架的企业MIS系统安全性的分析与实现过程;提出了一种三层结构的安全模型;采用将数据库管理系统和Web容器的角色权限体系相统一的方法,分别在浏览器层、Web容器层和数据库层采用协同的安全策略,实现了基于角色访问控制的MIS系统安全性。结果表明结合Java认证与授权服务与Struts框架较好地满足了MIS系统安全性的各种要求,不仅降低了系统运行期安全性维护的难度,而且提高了Web应用程序开发的效率。
A 3-layer model based on Java Authentication & Authorization Service (JAAS) and Struts framework is presented to insure the security of Manufacturer Information System (MIS). In this model, the identical roles for both Database Management System (DBMS) and web container are defined. A coordinate security architecture is utilized to realize the Role-Based Access Control (RBAC) of MIS at web browser, web container and database, respectively. The results indicate that the implementation of this model meets various security requirements for MIS, and also makes it easier to administrate the system security during the runtime. In addition, the Struts framework enhances the development for web application effectively.
出处
《电子科技大学学报》
EI
CAS
CSCD
北大核心
2007年第4期771-774,共4页
Journal of University of Electronic Science and Technology of China
