The Research And Design Of Web Security Construction Based On SSH Multi-Layered Frame

The computer network can effectively realize resources sharing, further strengthens along with resources sharing, the information security question is more and more prominent. The information security is prominent because when the computer network establishes, it has not considered the safe factor, moreover the TCP/IP also takes the network environment as a credible environment. People use sorts of methods to guarantee the information security. Authentication and the access control are the two important contents of the network security; they become the research hot spot in current information security domain. Many application systems need to take the corresponding security measure in these two aspects.The research shows, at present, authentication and authorized management system has some problems, such as the intense-coupling between enterprise application system and authentication and authorized management system, the absence of dynamic access control capability, the inconvenience of the administration of the system, etc. This paper studies these problems.Firstly the reason why enterprise application system intense-coupled with authentication and authorized management system is that the design between OOP and Aspect-oriented does not match. At present a new method called AOP technology appears, it is used to separate transverse cutting attention spot; it "weaves" the transverse cutting attention spot into the place where needs it. So this paper studies aspect-oriented programming and describes a new approach to develop authentication and authorization system based on object-oriented programming and aspect-oriented programming technology.Secondly, this paper studies the various access control models and offers an extended T-RBAC model which uses User Group and Group to improve access controllability and maintainability. Finally, uses the idea of multi-layered frame which is popular in the J2EE project. Based on the above research results, offers a new design of authentication and authorization system which uses Struts, Spring, Hibernate, Acegi. It can solve the problem which mentioned before. There are some limitations and deficiencies at the present, combine the developing trend of discipline, proposed the further work planning and objective of the struggle in the future.