E-government Intranet Security Platform Based On Middleware Technology

The middleware-technology-based security and confidentiality platform for the Government intranet described in this article, is based on the national security-related standards of confidentiality, and realized by using the major technologies like SSL, EJB, COM/COM+, XML, etc. to shield the differences of networking hardware platforms, and the heterogeneity of operating systems and network protocols. The platform provides authentication services, access control services and log audit services, not only to meet Government's Intranet security and confidentiality management ,but also to meet the requirements of security and confidentiality to the complex administrative application systems (such as Web, Email, NOTES, Exchange, DBMS, etc.).The government informationization's construction urgently needs high process safety, it needs a more comprehensive security strategy and fine-grained control measures. By utilizing a variety of technical means, we build a three levels of information security system consisting of Prevention layer, Protection layer and Audit layer, to protect the Government intranet security and prevent information from leaking. The system is also able to provide flexible , general-purpose, easy expandable security services and all-around security supporting mechanism ,thus effectively improve Government intranet information the management of security and confidentiality under networking environment. The key technology of the system include: 1. Standardized security design, system is designed and developed strictly in accordance with national confidentiality technology specifications BMZ1, BMZ2, BMZ3; 2. Combine Mandatory with Role-based Access Control Strategy to achieve access control. By the combination, we make permission set flexible, and ensure a certain strength to solve the problem that existing business system's hard satisfying the changes of administrative permissions. 3. Use Comprehensive Mandatory Audit technology, to overlay network systems, operating systems, various types of applications etc., and get all unauthorized or illegal activities in real-time alerting, blocking and so on;4. Provide simple, flexible, and powerful external interface, that simplifies the interface with other systems, greatly enhanced the security and confidentiality of other systems; 5. Under the precondition that ensure its own database full security and confidentiality, the system provides security services for all kinds of business' system database, by which it achieved the access to the database immediate change on the user name, password and encryption key, and the change transparent to the business system as well; 6. The system has associated management systems, and provides effective security through the combination of technical and management.In this article, we first analyzed the demands status to the security and confidentiality platforms for Government intranet, and expounded the subject of security and confidentiality strategy. We create the system model through Rational Rose visual modeling tool, adapting IDL to describe the platform component interface, and database standardization flow to design database the table structure. And then, we introduced several key technologies in the system development, elaborated the each sections from system analysis, to general design, detailed design and implementation, thus complete the design and research to Government intranet security platform.The subject researched Government intranet security platform will help promote the actual execution and implementation of the nation grading protection standards, and will play a leading and model role. This subject provided a safe and reliable basic platform for the construction of Government intranet. It's conducive to promote the stable and rapid development and in favor of secret information from paper to electronic change, to improve the efficiency of administrative offices.