| The security of information system is a primary question for all the information systems at present. However, with the continually development of the information security technology, incidents about security happen frequently. How to manage the security of information system's resource is the key task in this paper.In part one, theory framework about the security management system is built systematically. The background and the aim to this paper are summarized firstly. Then this paper introduces the present status of security management system. Meanwhile, technology needed in completing the security management system is discussed, such as the technology to authenticate identity and so on. Based on considering the function and designing principle of security management system for Network Counterwork Experiment Platform, this paper discusses the management system's framework and the gist for designing this system. On the basis of the framework brought forward before, the management system can complete the identity authentication effectively, and users can land on different platforms by the same security service, and then achieve the uniform security management.In part two, found on the theory studied in part one, the method using USB-Key two-factor authentication based on PKI is put forward. This way provide apotheosis for uniform identity authentication platform. Using Java 3-tier architecture, the efficiency to build the system is enhanced, and it can implement the system by different languages. The system has some other merits, such as easy to upgrade, extend and so on.At last this paper analyses the system's security intensity from some aspects, such as users'landing on, database, access control and so on. In succession, it puts forward some imperfect aspects needed to be improved and the following task I need to do about the system. |
PDF Full Text Request