Content Resources, Security Management Technology Research

For an e-commerce system of an enterprise, it goes without saying that the importance of business information. With the development of enterprise informationization and the increase in the amount of information, business information is not only structured data stored in the database, what is more is unstructured or semi-structured information which can not be stored in database, including various forms of information such as business documents, software, pictures, audio, video and so on, that is, the so-called content resources. How to manage these e-commerce content resources uniformly in one system, and protect the business content against unauthorized access is what we need to resolve.This article uses the demand of large amount of information and high security of e-commerce system as the background, aims for ensuring the security of resource access and the flexibility of authorization, mainly to research and explore the security management of different types of content of e-commerce.Starting from the application layer of the security architecture, this paper makes an analyses and study on the security of e-commerce content resources. This paper analyzes and compares several commonly used access control model, and studied further the fine-grained access control policy. On this basis, it presents a solution to e-commerce content security management based on J2EE platform, having the function of rights management and access control, it researches on the features of e-commerce content resources especially and carries out some extents of study and implement on aspects of access control and right management.In this paper, the access control and right management of e-commerce content adopt the Role Based Access Control model and Access Control List model in conjunction, achieving unified right management. The content resources security management system implemented in this paper is based on J2EE platform, and uses the RBAC model and ACL model in conjunction, has some extents of security, flexibility and scalability.This article focuses on the design and implementation of the whole system, and finally puts forward the issues that need to be improved, and summarizes the thesis.