Design And Implement Of Project Management System Security Based On J2EE

With the development of Internet technology, enterprise information systems, such as e-commerce and e-government, are developing rapidly. The information technology management model is gradually challenging the traditional management model. Internet technology development, especially J2EE technology, has become more and more mature as a platform for Web, and make the project management information close to us. But while people are demanding the function of project management system increasingly, the system security problems tend to be overlooked. This thesis is to construct an open, flexible Project Management System to provide a relatively safe solution.Information security is in the forefront of world problems in information science. In order to protect the security of data, people have made substantial achievements in many areas. There are a lot of relatively safe encryption algorithm and digital signature algorithm. J2EE which is the enterprise edition of java 2 platform has very important position about its platform independence and integration. So the research by the Project Management System based on J2EE security issues had practice significance.This thesis researched Security Mechanism of J2EE, and designed and implemented the security system of Project Management System. In identity authentication, system not only used in the traditional way, Single Identity Autehntication, but also provided a Unique Identity Authentication to avoid duplication by more users of the system, also ensured the user only have a legal status in Enterprise Information System. In access control, system used advanced access control mechanism——Dynamic Role-Based Access Control. This model connected the system roles to project progress, and avoided potential safety problems caused by human factors. In other hand of Project Management Security, we used the digital signature to ensure the data integrity and non-repudiation, and used HTTPS to apply security transmit.This thesis implemented the security system, which is consist many modules of the server and client of Single Identity Authentication, the server and client of Unique Identity Authentication, Access Control, Digital Signature, CA Center and the Transfer Security. Finally, it provided the data structure of system to save the modules' background information.