| 基于JAAS和Struts的MIS安全性的实现方法研究 |
| |
| 引用本文: | 李磊,杜平安,刘孝保,姜伟.基于JAAS和Struts的MIS安全性的实现方法研究[J].电子科技大学学报(社会科学版),2007(4). |
| |
| 作者姓名: | 李磊 杜平安 刘孝保 姜伟 |
| |
| 作者单位: | 电子科技大学机械电子工程学院 成都610054 |
| |
| 摘 要: | 描述了基于Java认证与授权服务和Struts程序开发框架的企业MIS系统安全性的分析与实现过程;提出了一种三层结构的安全模型;采用将数据库管理系统和Web容器的角色权限体系相统一的方法,分别在浏览器层、Web容器层和数据库层采用协同的安全策略,实现了基于角色访问控制的MIS系统安全性。结果表明结合Java认证与授权服务与Struts框架较好地满足了MIS系统安全性的各种要求,不仅降低了系统运行期安全性维护的难度,而且提高了Web应用程序开发的效率。
|
| 关 键 词: | Java认证与授权服务 MIS系统 基于角色访问控制 安全模型 Struts框架 |
Implementation of MIS Security Based on JAAS and Struts |
| |
| LI Lei,DU Ping-an,LIU Xiao-bao,JIANG Wei.Implementation of MIS Security Based on JAAS and Struts[J].Journal of University of Electronic Science and Technology of China(Social Sciences Edition),2007(4). |
| |
| Authors: | LI Lei DU Ping-an LIU Xiao-bao JIANG Wei |
| |
| Abstract: | A 3-layer model based on Java Authentication & Authorization Service (JAAS) and Struts framework is presented to insure the security of Manufacturer Information System (MIS). In this model, the identical roles for both Database Management System (DBMS) and web container are defined. A coordinate security architecture is utilized to realize the Role-Based Access Control (RBAC) of MIS at web browser, web container and database, respectively. The results indicate that the implementation of this model meets various security requirements for MIS, and also makes it easier to administrate the system security during the runtime. In addition, the Struts framework enhances the development for web application effectively. |
| |
| Keywords: | JAAS manufacturer information system role-based access control security model Struts |
| 本文献已被 CNKI 等数据库收录! |
