| At present, the feature of the enterprise application is large in scale, much in number and complex in function. Three new security requirements are raised except the traditional authentication, authorization and audit functions etc. the new requirements include easy use of the security system, central manage ability to administrators and continuous security advance ability. To meet these requirements, the Enterprise Application Security Platform is presented in this thesis which provides security functions to applications including Single Sign-On, central authorization management and central user management functions etc. The platform not only reduces the burden of application developers, but also simplifies the security management of applications.With design and development of an Enterprise Application Security Platform named with ECAMS, serial key technologies on implementing and applying it are investigated in this thesis. As a result, three principal achievements have been obtained. First, J2EE Application Single Sign-On solutions are investigated in depth and a flexible Single Sign-On System is implemented which can support diverse security levels. Second, a SE-RBAC model based on RBAC is presented according to the requirement of enterprise. The management model of SE-RBAC is given too in this thesis. Third, Aspect Oriented Programming technique (AOP) is successfully applied to the development of application security functions which can isolate application codes and security codes to improve the continuous security advance ability. |
PDF Full Text Request