The Design And Implementation Of Secure Web Government Affairs Management System

With the continuous development of network technology, e-government affairs system has been widely used in the management of government department. At the same time, due to the openness and anonymity of the network environment, there are many information security flaws in the most of web system. According to the management requirement of supervision department, in this thesis, web government affairs management system is designed to manage compulsory verification measuring instruments. In order to recover flaws of normal web system, information security technology is applied to web government affairs management system.In the aspect of function realization,the regulatory function is implemented in the management of compulsory verification measuring instruments. The module of basic information and user management are designed to manage basic data and users. The process of instrument management is implemented for application, approval, verification, and uploading verified results. And webservice is applied to implement data synchronization.Taking information security into consideration, security issues, which exist in the management of compulsory verification measuring instruments, are analyzed. Therefore, the technologies of data encryption, identity authentication, access control and text watermarking are applied to improve the security of this system.(1) Data encryption and digital signature are used to protect sensitive data of this system. Message digest is generated by using MD5 function, then RSA encryption algorithm is applied to conduct digital signature. At last, sensitive data and digital signature are encrypted by DES.(2) The method of Static password and Digital Certificate are employed as the implement of identity authentication. Digital Certificate with information of server is generated, and it is verified through https protocol.(3) The control method of role permissions is applied to realize access control. In theapplication of e-government affairs system, different roles represent different data access. With the practical application of the system in mind, the access control module with three levels is constructed.(4) In order to prevent maliciously copying and using documents, watermarking information is embedded in documents through line moving operator.According to the description above, the secure web government affairs management system is designed and implemented based on the framework of Hibernate and Spring.