Mobile Library System Security Solutions

The mobile library system is a new series of library system;it came into being with the rapid development of communication technology,especially the wireless communication technology and the Internet technology.The mobile library system provides the enterprise the advantage for mordern management and the higher efficiency,the system could raise the efficiency,improve the office work.Most of mobile library systems are based on the WAP protocol,but the WAP protocol has an objection in security.In its way,the data encrypted with WTLS protocol should be decrypted when it reached the WAP gateway,and then the gateway encrypted it with SSL protocol,and sent it to the application servers.Objectively,some users with hostility could sniffer the decrypted data,and attack the system in this way.And,we should also notice that the LAN the servers work in is also in danger of the attack from the users with hostility.In this thesis,through the study on the WAP protocol,the risks of the mobile library system,and the existing security solutions,a security solution is proposed for the mobile library system.The solution uses the AES algorithm to encrypt the communication data between the servers and the mobile terminals in order to provide the confidentiality.It was programmed with java for the particular of the moblie library system.According to the application servers,the solutions use the IDS to secure the servers.This solution does not take any modification to the underlying protocol and the network infrastructure,and it could be implemented with moblie terminals of poor resources.The work the author has done is:1.Study the WAP protocol,the risks of the mobile library system,and the existing security solutions.Propose a security solution for the mobile library system.2.Research the AES algorithm and the principles of its design.Implement the AES encrypt algorithm fit for the PCs and mobile terminials.Improve the efficiency of the algorithm with optimized method.Analyze the performance by the test experiment.3.Study the principles and the technology of the IDS.Research the snort system as the representative system.Propose a modified model by the study of the linchpin of improving the system.Install and improve the system based on the study.Analyze the performance by the test experiment.