| Nowadays, with the rapid development of information technology, the governments payhigh attention to the construction of e-government. However, as e-government constructionand application continually go deeper and more popular constantly,the vulnerabilities andrisks of information security are arising constantly, the problem of information security ismore important and has become an indispensable important part of e-government construction.This paper study the Information security system construction of e-government. First of all,the paper will give the outline design, in order to offer the frame design and the functionmodule division and technique support platform of this system. Secondly, the paper willanalyze the vulnerabilities and risks of information security that may exist in the system, andcarry out security policy design specifically. Finally, the paper will design and realize threenucleus modules, which include the user authentication module, the security rolemanagement module and the access control module.Unlike the previous information security system design ideas, the system uses the designconcept of PPDR security model, which don’t rely on simple static protection and simpletechnical means of prevention, but also rely on the whole security framework of system, thatwill enhance the level of information systems security. The platform of system securityapplication uses J2EE framework supports component-based development approach, whichgreatly simplify and standardize the development and deployment of application systems, thatwill improve code reuse and improve the system portable, security and promotional valueeffectively. Among the platform, the user authentication module using double identificationmethod which includes CA identification and system identification, that will improve thesafety design level for system login; the security role management module using the designideas of “the separation of powers”, that will reduce the risk of the existence of “the superadministrator”; the access control module using the design ideas of role-based access control,that will overcome the weaknesses of traditional access control methods effectively.Compared to other systems, the security design of the system is safer, more efficient and moreflexible.At present, through the technical inspection by the competent authorities, the system hasbeen achieved the corresponding security level standard and has online operation formally,which play a good effectiveness of the application in practical work. |
PDF Full Text Request