| As the Global Convergence of Information or Internet is increasing its span, so are the security threats related to it. Identity & Privilege Management is a critical issue in enterprise security. Security infrastructure for applications can greatly assists developers and enterprises in securing their applications. When used properly, this infrastructure takes much of the burden of securing the application off of the developers, leaving them free to concentrate on implementing business logic, improves security, productivity and user-experience, reduces operational costs through automation and streamlining of IT administration processes, improves ability to cope with organizational and business changes.Zhejiang Province Key science and technology project "Developing and Industrialization of Basic Middleware" based, we plan to develop a lightweight J2EE Application Server with independent intellectual property. This application server is expected to provide low-level security base framework, and superimposed privilege management infrastructure (JTangPMI). JTang Sever security base framework provides low-level interface for web and EJB components. JTangPMI provides enterprise oriented, uniform, standardized access control development platform, provide the whole policy constraint on system security, which reduces operational costs of administration processes, reduces lead time and costs of new application development, offers a standardized and extendable platform.The article does research in relative theoretical model and system backbones, furthermore introduces research and development of JTang security infrastructure from system design, system implementation, improvement of function and performance, and application.In the first chapter, background and related knowledge of the system will be introduced, together with research motive and the main content.In the second chapter, theoretical access control model, backbone of J2EE security and PMI are addressed.In the third chapter, design consider and advantage, related technology will be described, as well as the design of architectures and functions.In the fourth chapter, implementation details and key processes are discussed.In the fifth chapter, JTangPMI based client application is introduced. In addition, performance optimization scenarios are put forward according the test result.In the sixth chapter, the summarization of this thesis and the future work will be introduced.In the last chapter, other projects I have undertaken are presented. |
PDF Full Text Request