This paper introduces the model of fine-grain access control for' web applications which combines with various technologies such as access control, proxy, cache etc, after having analyzed the risk of web application, and implement it. It can inspect the web data out of or into private network, filter malicious code and deleterious information in the web pages, prevent users inside from surfing the illegal web sites, and effectively enforce the security of the web applications.This paper introduces the design thinking and other key technologies of the fine-grain access control system for web applications. We also conducted some tests on its functions and performance. The result of tests shows that the system could effectively enforce the security of web cl ients, and meet the requirement of security products.
|