
A Research On The Model Of Application Security Boundary

Posted on: 2007-08-10
Degree: Master
Type: Thesis
Country: China
Candidate: Z Q Liu
GTID: 2178360212458980
Subject: Software engineering

Abstract/Summary:
In the 21st century, computers all over the world are connected by the Internet, and the connotation and extension of information security have changed completely. It has shifted not only from general defense to very ordinary safeguarding, but also from a specialized field to every place. This paper does not discuss the security of circuits; it focuses on preventing application security risk, led by software design, from the angle of the application system's business. The paper reforms the application system on the basis of software modularization and resource integration, and directs the business design logic of the application system.

First, the technical system design of the paper, based on the application classification principle of the national information security grade protection regulations and on an analysis of current application system design models, delimits the elements of the application system's business logic that can affect security and be conformed, forming the boundary of application security. Second, it applies the more mature notion of PKI/PMI to the realization of the boundary, and conforms by access control technology and applications, not only improving the security of the application system, but also reducing the development of applications to the development of pure business logic. All of this decreases the risk of redevelopment and avoids wasting resources. The design of the system provides a new way of thinking about the security construction of application systems.

In information security grade protection, the security elements of an information system comprise four parts: ID, access control, competence and audit, all closely related to the protected target and the business content.

ID is the information of users as the object of the application system. It can guarantee that the information of each person who uses the business system is true. As a user of the business, the individual has not only natural attributes as a natural person and constant social attributes as a social person, such as sex, age and ID card, but also changeable social attributes, such as position, official grade, etc. In view of the particularity of ID, we adopt the digital certificate...
Keywords/Search Tags: Application