Research&Application Of The J2EE Technology In The Field Of The Statistical Information System Security

With the rapid development of information network technology, electronic government affairs information system development and application popularizes day by day, the system safety requirements are more stringent. J2EE (Java Enterprise Edition2) is based on Java technology information system development platform for application system, it provides a series of security access control technology support, including Acegi security framework and role based access control in RBAC (Role-Based Access Control) technology in the information system security system deployment is widely used.According to the National Bureau of statistics of a certain city investigation team information system security architecture design as the background, through the J2EE platform existing safety technology and development experience in conducting the research, combined with the actual safety demand is realized which has stable and reliable identity authentication, access control and data security system security system.1, based on J2EE technology security system construction mechanism, a detailed analysis of the J2EE constitute the important component, common platform container and the relevant core technology, then around the concept of safety mechanism, authentication and authorization mechanism and JASS technology of the platform under the standard security system operation principle.2, this article from the MVC development mode, Struts framework, Spring framework and Hibernate framework concept and structure system proceed with certification in current J2EE technology platform to mainstream lightweight development framework of SSH architecture and its core technology, then focuses on the analysis of SSH based Acegi security technology system, allocation mechanism and function expansion and RBAC access security control strategy implementation.3, the statistical system specific security requirements in particular data resources security analysis, according to the demand of system roles and permissions database design security architecture, collection of Acegi technology to realize user authentication, and access control strategy based on RBAC dynamic authority management, using SSL transmission protocol of the user in the system operation safety protection, and the choice of two commonly used test software on system performance testing and system performance optimization.