Font Size: a A A

Research On Issues About Access Control And Security Audit Of Web Server

Posted on:2015-01-01Degree:MasterType:Thesis
Country:ChinaCandidate:H GongFull Text:PDF
GTID:2308330452957198Subject:Computer technology
Abstract/Summary:
As the Browser/Server model portability and universality that speed popular webservices. At the same types of business services is also very wide, including the growingonline payment services, and other sensitive information, so the security requirementshave become more urgent. Security has become one of the most important characteristicsto a system or platform. Access control can be a layer of filter access to resources, whichcan prevent unauthorized users from unauthorized access. Popular systemes executesrole-based access control policy, it is a protection method make use of giving differentroles which users can access the system by playing it for different users. User Audit canaudit users’ behavior, so that the reasons for exploration, defined responsibilities,originally tracking possible. If we want business systems up and running, we need a safeand stable environment, the user’s operation is very detailed grasp of practicalsignificance.First,I have analyzed architectures of Apache and Tomcat, which two popular WebServer. studied their main core structures and systems components, understanding auditlogs and access control features of these two popular servers. Then a detailed analysis ofthe internal process of the Web server handle with user’s request has proposed, and on thisprinciple, I proposed access control and security audit strategies that related toimproveing security of Web server. Then I modified and recompiled a new TomcatServer,And practiced a thired-party applications which apply to all requirements.betested to verify the correctness of the theory.Web server is a grassroots components of web running environment, The securitypolicy which embedded in the component are applicable for all of third-party applications,avoiding the need for additional development requires this functionality for eachapplication, so that it can focus more on core business. Can improve the developmentefficiency and shorten the project cycle.
Keywords/Search Tags:Web Server, Structural Analysis, Access Control, User Audit
Related items