Research And Design Of The Online Application System Security Solution

SaaS is a new kind of software mode which became popular in recent years, SaaS service providers provide software services which users required through the Internet. The SaaS system not only has better flexibility, but also can reduce the cost of users purchasing, building and maintaining the hardware and software infrastructure, so it is welcomed by small businesses. But compared with the traditional software mode, the SaaS environment is more complex, and exits more security risks. Therefore, the security problems of SaaS system is a major concern for many users, and also become a major obstacle which hindering the development of SaaS.One small IT company now has a CRM product based on the SaaS model, which is providing Online CRM application service for many enterprise users. At present, the existing security measures are not able to meet the security requirements in the SaaS environment. The company is looking for a safe, economic, easy to implement and maintain security solution, in order to enhance the security of the system as much as possible in limited conditions. Aiming at this requirement, following works has been done in this paper.At first, this paper analyzed the major security risk in the SaaS environment, analyzed and compared the current mainstream security technology of data storage security, data transmission security, identity authentication, disaster recovery. The purpose of this work is to provide a theoretical basis for the choice of technical route and the design of security solutions.Second, aiming at the data transmission security and identity authentication of the CRM system, this paper designed a security solution. By simplifying and improving the typical CA system, this paper designed a CA system which can meet the needs and capabilities of the company, for issuing and managing digital certificates. Based on OpenSSL-an open source tool, it build and tested the core module of the CA system in this paper. It achieves safe transmission via HTTPS, which based on SSL protocol and digital certificates. And it improves the security of system authentication by using the identity authentication method of USBKey combined with digital certificate.At last, this paper assessed the security solutions, and analysised the security risks may still exist in the system. Briefly put forward the countermeasures and the further improve scheme in the future.