| Along with the computer technology development and the popularization, many business units and the management structure have all established own management information system. In the information system development design process, the security performance is always put on the most important position, becomes the information system survival the key. Constructs the enterprise level information system the security system oneself becomes an important research area day by day.This article introduced at present information security domain research present situation, had pointed out in the multitudinous information system development and the management, each kind of security technology application independence is the war, lacks the system the skeleton, but the information security strategy formulation and the information security technology application also lacks the effective fusion. This article take based on the web management information system safe request as a starting point, separately from the management stratification plane to the information security strategy, has launched the thorough research from the technical stratification plane to the related information security technology, including information security strategy standard question, invasion examination system, access control, status authentication and so on.The security policy browses the scope extremely broadly, content also extremely rich, this article analyzes with emphasis should be rampant to now the hacker, the virus was in flood important strategy: The data encryption strategy as well as the backup and the disaster restore the strategy. Proposed the design mentality and should pay attention to the question.As to the firewall beneficial supplement, IDS (invasion dectceting system) can help the network system fast discovery network attack the occurrence, expanded system manager's safety control ability. This article in detail elaborated IDS from the IDS development and the classification, and has pointed out the IDS development direction.This article embarks from the system operating efficiency and the security, in to the status authentication multianalysis foundation in, studied the use Net environment to develop the information system with emphasis to the ASP.NET identification authentication, Enterprise the Services identification authentication, SQL the Server identification authentication development.The access control module uses for to realize visit to system safe, prevented the illegal user enters the system as well as the validated user to the system resources illegal operation. This article will visit the jurisdiction and the angle appearance relation, through will give the user the assignment suitable role, will let the user and the visit jurisdiction relates.Finally through an actual information system based on B/S, C/S majors in engineering the square information system, has confirmed the information security strategy and the security technology research which this article elaborates, the success has constructed the same level other information system synthesis strategy and the technical security frame, has a general significance. |
PDF Full Text Request