| With the rapid development of the new generation of information technology represented by WWW, the human beings are advancing to a completely new age relied on network. As the leader of national economy, the government plays an extremely important role in society with the important of its managerial capacity and service functions. E-government has been proved to be the primary application of the five fields of information highway, which is proposed by many countries. However, owning to the various systems, applications and usage of different people with different roles involved in the e-government, the security issue in this field has become more and more crucial.This paper analyzes the security issue of computer network first. As e-government system itself is the application including information transmission via network, the risk of information security on network is inevitably a threat to the system. Moreover, the characterizations of E-government claim a even higher security demand. Therefore, this paper introduces the hidden dangers of e-government in two aspects: computer network and e-government. In order to solve those problems mentioned in this article, popular techniques and products aimed at security are discussed in details, and an overall solution is provided with respect to e-government information security.Besides, the author has participated in the practice of developing the e-government system of anonymous town. A general design of user's identification and access control has been given out and implemented with existing popular techniques.In user's identification module, the functions and requirements are to provide safe, robust identification validation service for all users on the base of ensuring the true, reliable user information. Furthermore, a corresponding solution is designed and implemented according to these requirements by combining the Digital Certification and user/password validation mechanism. J2EE security technology is also used to carry out the X.509 Digital Certification.As it comes to the part of access control, the tasks are :1, Analyze the access control requirements of e-government system in detail. 2, Compare the advantages and disadvantages of 3 different access control strategy: DAC, MAC and RBAC. Describe the access control information of RBAC model with UML. 4,Make a detailed description of database design and encapsulate the data in database into object for operating by using OJB. 5, Implement RBAC model in the real project and demonstrate the main functions.Since the system has been put into use for half a year, it has been running well and gained expected objection.
|
PDF Full Text Request