| With the high-speed development of the Internet technology and database technology, and the constant improvement of computer system application, our people can facilitate with works more and more conveniently. But the problems of computer system security occur, as that the deficiency of security for systematic platform and correspondence leads to code disclosure, invasion of Hackers, and steal and revision of data, that puzzles the explorers and users of computer system. The study on security of the application system has becomes an important subject in the field of software engineering. And the research and multiplexing of security policy is one feasible way to solve the problems of computer system security.Regarding the security of Administrative System of Hunan Institute of Technology (HITAMS) as the goal and practical example, this paper takes the security policy into consideration in the design stage of this system, and places the system security at the first place of exploitation. While exploring the modules, it is carrying out the security in the whole process of design work. Because of the system application based on the campus network and database technology making up this system critical, amalgamating some means of .NET technology in system security during the system design, it effectively combines the security foundation supplied by background database management system together with the security policy of business system developed by foreground. NET. And it forms the general security protection system to enhance the security of application system against the present security protection feature in information system. The policies are followed as: popedom setting and distribution, system manipulation log record, and secure communication etc. During the design of database, it carries with the security research and collocates the security policy. Especially from the installment stage of database server, it takes the security protection aiming at checking erroneous ideas at the outset and eliminating the occurrence of insecurity factors to promote the system security. To tackle the different unpredictable attacks, this system brings in the security log, which facilitates the system with disaster recovery, as the last security guarantee for system.Finally, it summarizes the work of research and exploitation and puts forward the future research direction. |
PDF Full Text Request