| With the rapid development of computer network technology, the enterprises and institutions have set up their own internal networks. So the network office is becoming more and more common. The network office allows enterprises to effectively enhance office efficiency and management level, improve production efficiency. Complex intranets and the Internet make computer terminals come with more security issues and information security becomes increasingly important. As the complexity of network attacks, government agencies and research institutes’ office computer being attack risk is intensified. Therefore, by strengthening the security supervision of computer terminals to keep research data safe is of great significance.In this thesis, based on the project of computer terminal security check system for Chinese Academy of Sciences, we study the security problem of office environment computer and then design and implement the terminal security check system for Chinese Academy of Sciences. Server-side, using Java technology, is the center of system that provides administrators with a centralized management platform. Computer terminal security check system for the CAS provides integrated security management system, to check and repair the terminals’ security configuration, effectively reduce the terminals safety operation maintenance, improve management efficiency, ensure the safety and stable operation of computer terminals.Firstly, we analyzed and summarized research status at home and abroad about terminal security systems.Secondly, focusing on the actual security situation faced by the CAS office terminals, we carried out a detailed functional and non-functional requirement analysis, and then developed the goal that the system needed to complete. After requirement, thesis introduced the technology the system design and development need, such as Java EE technology, Struts 2, Spring, Hibernate framework, IIS Web server and SQL Server databases.Thirdly, the hierarchical module system was designed. System was divided into three levels: data persistence layer, service layer and control layer, and used MVC design pattern to decouple the system. After the design of system, we used E-R model to design database.Finally, in accordance with system design, we used Struts2, Spring, Hibernate framework to build system. When building the system we fully used the Spring Io C container for dependency injection, so modules could be in loose organization and the flexibility of the system was improved. After the completion of the functional requirements of the system, based on threat modeling, data persistence layer was added SQL injection attack defender. In the Web layer is added XSS filter and CC attack filter. So security of security management system has been improved. Finally, from a functional view we verified the feasibility and effectiveness of the system and demonstrated the system to meet the design requirements. The system has practical value. |
PDF Full Text Request