Design And Implementation Of Digital Certificate Based Network File Sharing System

With the increasing level of information technology, information technology is widely applied in various fields,Information exchange and sharing has be-come a necessary means for self-development of various organizations. Elec-tronic document has become an important part of the management of intan-gible assets and increasing important resources and wealth of organizations. Peoples are also facing serious problems while they use electronic documents: There is no uniform and effective electronic document management,that lead to documents inconvenient to use,a low utilization rate and document missing, so,resulting in the loss of intangible asset.Hackers, unauthorized users or competitors steal the organization's financial information, technical secrets,that causing serious economic losses to organizations. To achieve the security of electronic document storage and sharing is a important issues need to be re-solved for organizations.Along with the gradual in-depth of information construction,Information security is receiving increasing attention at all levels of government depart-ments,cryptography has been widely into the online banking, e-commerce transactions that involve sensitive information systems.The use of digital cer-tificates for authentication, the use of encryption algorithms to protect sensitive information has become a mainstream information security solutions.This article is a based on the author's long-term survey of enterprises and institutions to understand the user's actual needs and to conduct in-depth analysis and proposed a complete, practical, secure, digital certificate-based authentication security of network file sharing solution. The program takes advantage of digital certificates, symmetric encryption and SSL technology, such as the respective advantages of the rational integration of related tech-nologies, namely, authentication through digital certificates, SSL security pro- tocols to protect transmission channels, symmetric encryption algorithm en-cryption of electronic documents, a series of measures, to ensure that corpo-rate information security. And the design and development of a set based on the B / S mode of application systems to meet the actual needs of users.System based on B / S structure of the MVC framework for three-mode design, integrating the most popular SSH frame technology, that is, Struts, Spring and Hibernate, respectively, use of the technical characteristics of the framework for the entire system can provide stable operation and development platform . In order to achieve better access control, access to the system con-trol module is based on role-based access control model RBAC design, the roles / privileges than the change between the roles / users to the change in relations between the relatively stable, thereby reducing the complexity of au-thorization management nature of the security policy allows businesses have greater flexibility, reduced management costs.Function of the system is based on the actual business requirements to design, is divided into two subsystems, one is the management subsystem for the organization, data sub-code and system log management and mainte-nance, through this sub-system can prevent unauthorized users of unneces-sary registration , user creation and deletion of a unified approach by the management staff, and can be documented through the system log information monitoring system operation. The other is the file management subsystem, providing upload, download, file authorization and query files and other func-tions. Users can through this subsystem will need to share electronic files up-loaded to the server, unified management, based on actual need to read the file right to license the file through the system functions have been assigned to other registered users. And the system provides a strict access control policy, unauthorized users can not access certain files, which prevents the unneces-sary information disclosure.The platform has a high availability, stability, security features, according to the actual situation can be put into use slight modifications, in the enterprises within the broad application prospects.