Security Reinforcement Technology’s Research And Design For Internet Oriented Software System As A Whole

The current prosperity and development of the Internet has brought many innovative and convenient. At the same time, it also brought a large number of security issues. Take the current form of Internet-based applications and models are applied into consideration, those applications tend to blend mode, which no more fights alone, but more likely be a win-win cooperation to develop. While this cooperation will generating two or more trust object. The security of those software are different from the traditional one’s. The safety of the traditional software system basically comes from the outside. Namely external party attack on the services provided by the software or attack on the environments of the software system. In the integration services of the current Internet-based software systems, the entire system itself is composed by a number of subjects, thus there is a problem of trust between the subject will rise to security problems, and because of trust issues, there will come to the situation that both the apart of the software system have other apart of the software system, which called security component problems. So, compare with the security issues of traditional software system, current software system actually have more inside security issues. The current typical Internet-based overall software system is the open ability platform software system, which is the platform that opens up their operational capacity, resource capacity, infrastructural platform capabilities for partners using the form on downstream interdependent relationships or cooperative relationships, making common prosperity and mutual benefit from production chain. Such new software overall structure and new forms of cooperation has brought a corresponding trust issues and security issues. Due to the structure of the software system of the whole complex traits, we must jump out traditional and local security problems of investigation and implement security reinforcement, for reinforcement of the whole system security considerations, and it is certain to have pertinence, and design safe reinforced process by combining with the actual system close to the process of business. Besides we should also take the consideration of the weak link in the whole software system, as in accordance with the barrel theory, raising the height of the shortest barrel wood can will improve water storage of the whole bucket, like this rationale, the reinforcement of the some of the weakest link in the overall software system can correspondingly improve the safety of the whole software system. In this paper, relying on the Web application security reinforcement project of OMP(open mobile-Internet platform), we research and realize the reinforcing process of the Web application component security of OMP open platform. We innovate code integrity check sampling algorithm RWRSW (random walk resized by sliding window) sampling algorithm to realize the reinforced process to select the code for checking. We also the use the HOTP algorithm to generate a one-time key, add a new authentication factor for interaction between the Web application security component with the OMP platform, thereby strengthening the security process. Besides, in order to ensure the robustness of Web security component, we make static testing, unit testing, unit test coverage of the Web component’s code. For making checking the robustness of Web components regular and the testing history traceable, we build automation test platform.