摘要
本文深入研究了在身份认证中维持用户状态信息的重要对象Session的工作原理,并依据现有的理论基础,从Web应用程序中身份认证面临的实际问题出发,提出了非正式注销存在的安全性问题。论文结合Session的工作过程和利用浏览器的缓存技术,提出具有实用性的解决方案,使Session在Web身份认证中的应用更加合理、有效,增加了身份认证的安全性。为了验证结论的有效性,将本文提出的解决方案应用于基于Web的网络考试系统中,证明了这种方案的适用性,达到本文的设计目的。
This article further study the working principle of Session which are important object maintaining the user status information at identity authentication.And according to existing theory, starting from the identity authentication' s practical problems in the web application, proposed the safety problem of informal logging out and etc.This paper combines the working process of Session, and using browser's cache mchnology, proposed practical solutions.It makes Session' s application in the web identity authentication more reasonable and effective, and increases identity authentication' s safety.In order to verify the validity of the conclusion, we apply the proposing solution to web' s network test system, it proves applicability of this scheme, and achieve this paper' s designed purpose.
出处
《电子世界》
2013年第23期16-16,25,共2页
Electronics World
基金
吉林省自然科学基金项目(项目编号:20101524)
