| The popularization and development of Internet technologies are promoting the process of constructing enterprise application. In order to increase the design and develop efficiency, reduce the cost of building the enterprise application system, the J2EE multilayer system structure pattern has become the main method of building enterprise application. Based on the open network, the multilayer system structure has more superiority than the traditional structure which we called C/S, but also faces some new problems simultaneously. Because of the open network, the multilayer system structure is facing security threat from various aspects. How to protect the information from the illegal gain, the embezzlement and the destruction, has become an important problem that researcher cared about together.This thesis focused on the application security of the city TV fixed-asset management system. Against network attacks common risks, this paper makes a profound analysis on this system. And then, a protection from the authentication, access control management, data encryption, data storage and secure transmission system of four areas of application security layer protection is presented in the thesis. Meanwhile a detailed layout design is made up for four modules. The module of customer certification adds a Verification Code to the traditional sheet certification, and replaces stored password with stored digest of user password to guard against attacks and keep secrets. The module of user authority management applies MVC pattern, and adopts the business module of application system and the attached operation appointed code. So it can accomplish united management and scrupulous access control. The use of encryption for critical data storage and then the way to protect important information in the database. Through server configuration to quickly get the support of SSL on the system to ensure the security of data transmission. Finally, using J2EE technology to realize the system security features. |
PDF Full Text Request