| With the development of the Internet, breaking down geographical boundaries. Not only changed the way people communicate, but also changing the inherent mode of production, so that the socio-economic situation in the development of technology are the new normal reforms. Internet as an unstoppable force in the challenges of science and technology and human civilization unknown spatial cognition ultimate showdown. Our linking to the Internet in the last two decades of modernization concern around the world has made great achievements.Network to the rapid advance of information technology into the power, at the same time gives us a severe test, requires a comprehensive, serious, serious to face the global challenges of network security, such as system vulnerabilities, network theft, computer viruses, network attacks, spam, false or harmful information and other network illegal crimes. In recent years, the popularity of the world’s interconnected network of multicultural ideology in the battle against online, network chaos continued high incidence of group events one after another, the network has become saboteurs spread negative energy to gather. Network security is not just about personal information and property, serious harm social stability and social development process. Country’s vast area, an important foundation for the construction of facilities and more information, and electronic information systems development momentum, led to the current office-government systems, financial systems, logistics systems and industrial sectors of energy control systems have varying degrees of security vulnerabilities and technological backwardness situation, the last two years of frequent network attacks, security systems existing information systems need to be strong and urgent upgrade. This topic starts from the portal sites of Points mansystem and to consider the sites’ security protection in the website development phase.During the study of the whole issue, as follows:1)introduces the ten most serious security risks threatening the WEB application, rating these security risks and analyzing of its dangers; 2)analyzes defending measures of website security in detail, first begins from the most common SQL injection, then analyzes its principles and responses; 3)describes the principles and preventive measures of the most common XSS and CSRF vulnerabilities of the client browser; 4)describes how to authenticate the users on NET, how to manage the session after authentication and control permissions for different users; 5)combines architecture with performance requirements for the practical application of the planning system that the subject facing, design website platforms from important perspectives such as user registration, entry authorization, SQL injection to achieve security implementation. Design and implementation of the system focus module were analyzed using vulnerability scanners, experimental results show that the use of multiple layers of defense, layers of nested method vulnerability against multi-point defense is more effective than a single approach. LINQ to SQL technology avoids the ADO.NET shortcomings in terms of SQL injection. In this article some ways has applied very well, then you can apply it to other technology platforms or projects in order to study and explore further. |
PDF Full Text Request