| With the rapid development of Internet technology, the web application has been developed into a platform of interaction, communication and participation. It has become a part of our daily life, and has made a large contribution to the social progress and economic development. However, along with Web applications’popularity, the security problems have drawn attention to the public. The content management system in this paper is a product of Web applications and it provides powerful supports for the management of company resources.This paper studies the content management system oriented security mechanism, with research on related works and systematically analysis. We first introduce the background and related works, and summarize some security techniques of Web application, like firewall, intrusion detection, authentication, access control and so on. The history and principle of the above techniques are briefly described in this paper. We evaluate the security risks of current content management system, including the security risks of their management, hardware, software and architecture. Based on the result of the evaluation, we have analyzed the requirement of system management and software architecture, designed a content management system oriented security mechanism, and implemented the system. The whole system is constituted of four security modules, including the management module, the system defense module, the authentication module and the backup module. The management module is responsible for the management of users and permissions, while the system defense module detects and deals with the packets received by the system. The authentication module authorizes the users of the system, and the backup module backups the system data regularly. We evaluate the system using a series of Web attacks and malicious operations within the system, proving its good performance. |
PDF Full Text Request