Design And Implementation Of Testing And Management System On Information Security Products

Nowadays, Information Technology develops at top speed. Information System ismore and more important in social activities and becomes the lifeline of socialactivities and state agency. But security threat on Information System is everywhere.Coping strategy is continuous explored and advanced, and the vulnerability ofInformation System is obvious. So it has practical and social significance thatresearching on the security of Information System.Information Security Products are special products used to protect computerInformation System. Security of important Information System may influence thesecurity of personal, social, more, the whole country. So, the quality of InformationSecurity Products is very important and included in category of China CompulsoryCertification (CCC). The research on testing technology on Information SecurityProducts has important value.In order to semi-automatic test on Information Security Products and judgingwhether the Information Security Products meet the requirements on function,performance and safety, the Testing and Management System on Information SecurityProducts is designed and implemented. The research content and result are as follows:(1) The requirements of Testing and Management System on InformationSecurity Products are analyzed, mainly function requirement of this system isproposed, and the suitable development skills and platform are selected according tofunction going to be implemented.(2) Testing and Management System on Information Security Products isdesigned and implemented. This system has mainly two functions: firstly,maintenance and management on technical requirements, test and evaluating methods,laws and regulations, typical case, typical sample of Information Security Products.Secondly, function of executing compliance tests. Each Security Product has corresponding technical requirements and testing methods, so it is a huge job tomange those technical requirements and testing methods. Moreover, testing onInformation Security Products is to judge consistence situation with technicalrequirements one by one, and the testing process is complex. So, two businesssubsystems are designed to implement two mainly functions. Owing to the relateddata of this system is so much, hibernate is chosen to realize data persistence in orderto separate data processing from business logic. Because two business subsystems aredesigned to implement function requirements of system, data synchronism is must tobe considered and a difficult point. Considering all kinds of data synchronismmethods, Web Service is used to realize data synchronism and update between twobusiness subsystems.(3) Based on the implementation of Testing and Management System onInformation Security Products, the application scenarios is analyzed. More, theshortage and area for improvement are proposed to the benefit of further study.Testing and Management system on Information Security Products is implemented onthe support of hibernate and Web Service technology. In this system, technologyrequirements, testing methods which are used during the process of testing onInformation Security Products are managed. By means of testing the conformance oftechnology requirements, function, performance and security of Information SecurityProducts are judged whether meet the technology requirements. The system that isdesigned and implemented in this paper has important practical significance andapplication value.