摘要
传统的Web防篡改系统安装于受保护服务器中,无自身安全保护措施。为减少网站页面被篡改,确保Web页面的完整性和防篡改系统自身的安全,借鉴令牌环工作原理,在已有防篡改技术的基础上提出环形网页防篡改模型,模型中引入了三线程和轮询环双重保护技术,解决了防篡改系统自身的安全问题。详细描述了系统的设计方法、工作机制及实现过程。实验证明,该系统能有效自御,在网站安全性得到保障的同时不影响服务器的工作效率。
Traditional Web tamper-proofing systems are typically mounted in the protected server, without safety protection. In order to decrease the possibility of Web pages being tampered and to ensure the integrity of Web pages and the safety of the tamper- proofing system itself, this study, based on token-ring techniques, addresses the safety problem by proposing a ring-like tamper- proofing model in which novel defensive techniques like three-thread and polling loop are introduced. This paper describes in detail the design, implementation and evaluation of the system. The evaluations show the effectiveness of the system in terms of performance and security guarantees.
出处
《计算机工程与应用》
CSCD
2013年第14期92-97,共6页
Computer Engineering and Applications
基金
国家自然科学基金(No.61173166)
湖南省高等学校科研项目(No.11C0600)
湖南科技学院科研项目(No.12XKYTB005)
关键词
环形结构
防篡改
数字指纹
WEB安全
ring structure
tamper-proofing
digital fingerprint
Web security