TIAN Yu-hong,WANG Ze-bing,FENG Yan

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.24.029

2006-01-01

Abstract:The Java virtual machine(JVM)is used more frequently as the basic engine behind dynamic web services.With the proliferation of network attacks on these network resources,much work are done to provide security for the network environment.Little effort has been placed on securing a Java web server where the attacker has a valid login to the host machine.After describing the vulnerabilities in Java's security mechanisms,an extended security system based on Java 2 security architecture is introduced.It also explains the runtime status of system.The increased assurance of correct system operation and the integrity of Java application server are provided.

Wenbin Jiang,Hao Dong,Hai Jin,Hui Xu,Xiaofei Liao

DOI: https://doi.org/10.1007/978-3-642-37015-1_23

2013-01-01

Abstract:Web service technologies have been widely used in diverse applications. However, there are still many security challenges in reliability, confidentiality and data nonrepudiation, which are prominent especially in some Web service systems that have massive resources in diverse forms. An enhanced mechanism for secure accesses of Web resources is presented and implemented based on the combination of modules of identity authentication, authorized access, and secure transmission to improve the security level of these systems. In the identity authentication, the highly safe and recognized authentication method U-Key is used. For the aspect of authorized access, the integration of an improved Spring Security framework and J2EE architecture is applied to ensure authorized access to Web resources, while the security interceptor of Spring Security is extended and a series of security filters are added to keep web attacks away. Moreover, some improvements of the XML encryption and XML decryption algorithm are made to enhance the security and speed of data transmission, by means of mixing RSA and DES algorithm. The above security mechanism has been applied to an online virtual experiment platform based on Web services named VeePalms. The experimental results show that most security problems with high severity in the system have been solved and medium-low severe problems degreased dramatically.

黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

GAN Zhi-hua,JI Chao

DOI: https://doi.org/10.15991/j.cnki.411100.2005.04.023

2005-01-01

Abstract:Aboutthe security based on B/S structure,this paper puts forward a Resolvment at filtration of sensitive information.Actual test indicates that the scheme is effective and feasible.

Wenbin Jiang,Hui Xu,Hao Dong,Hai Jin,Xiaofei Liao

DOI: https://doi.org/10.3906/elk-1303-12

2016-01-01

TURKISH JOURNAL OF ELECTRICAL ENGINEERING & COMPUTER SCIENCES

Abstract:Web service-based application has become one of the dominative ones of the Internet. This trend brings more and more security challenges in reliability, confidentiality, and data nonrepudiation, especially in some systems that have massive diversified resources. An improved framework for secure accesses of Web resources is presented and implemented by extending and enhancing the Spring Security framework. It improves the security level of systems for identity authentication, authorized access, and secure transmission. The highly safe authentication is based on the integration of an improved authentication module of Spring Security with a U-key method and a RSA algorithm. For authorized access, the Spring Security's ACL (access control list) mechanism is improved by optimizing the domain object-level access control. For secure transmission, a compromising method is presented to take both the security level and the speed of data transmission into account by means of mixing the RSA and DES algorithms. In addition, the security interceptor of Spring Security is extended and a series of security filters are added to keep Web attacks away. The above improved security framework has been applied to an online virtual experiment platform named VeePalms. The experimental results show that most security problems with high severity in the system have been solved and medium-low severe problems decreased dramatically. Moreover, VeePalms has been used in practice for about 2 years, which has proved the effectiveness of the security framework.

Xiao-ping LI,Hong ZHONG,Yan DING,Zhi XIANG,Hai-sheng HU,Xue-lin WU,Qi ZHANG,Jian-xue ZHU

DOI: https://doi.org/10.3969/j.issn.1004-0579.2002.02.020

2002-01-01

Journal of Beijing Institute of Technology

Abstract:A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all-sided, multi-tier and multi-technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi-tier technology can improve the security of database. Double keys method is a useful data encryption method.

XIONG Guang-cai,MU De-jun,ZHANG Xin-jia,JI Guo-jun

2012-01-01

Abstract:With the extensive application of web services and the rapid development of network technology,a web service security framework,which is compatible to various clients,is in need.We use the file configuration,encryption algorithm and program control module,implement a web service security framework which satisfies WS-Security specification based on Axis2.The service communicates with various clients under SOAP protocol.The experimental results indicate that the framework implements digital signature,message encryption,roles based access control and could communicate with various web services clients that are based on SOAP network communication protocol,has a good security and compatibility.The security framework is an efficient solution for web service of enterprise.

马克,宋长新

DOI: https://doi.org/10.3969/j.issn.1008-0570.2008.27.028

2008-01-01

Abstract:Based on the research of Web security specifications, it put forwards a message level security model for the typical Web Services application. It provides both security transport of SOAP messages and an access control security. ' The model uses XKMS as a replacement of PKI and SAML assertion to exchange authentication as well as authorization information of users. The implement of the model depends on a message processing security.

Hui Yuan,Lei Zheng,Liang Dong,Xiangli Peng,Yan Zhuang,Guoru Deng

DOI: https://doi.org/10.1007/978-3-030-15235-2_66

2019-04-25

Abstract:With the rapid development of Internet technology, Web applications are widely used in all walks of life, and their security requirements are increasing. Unfortunately, at present, the development of Web security technology still lags behind the development of Web application technology itself. The Web application itself and its operating environment are still relatively fragile, and its operating environment is easily forged or modified, making Web applications gradually become malicious. The object of the attack is frequently attacked. This paper investigates and analyzes the common vulnerabilities in web applications, deeply studies the basic characteristics of these vulnerabilities, and understands the principles and solutions of vulnerabilities. The static analysis method is used to analyze the vulnerabilities, and the static analysis methods are used to solve the security vulnerabilities in the Java web project.

Chen Guilin,Zhao Shenghui,Chen Haibao,Ji Chengchao

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.02.025

2009-01-01

Abstract:Current Web services security technologies are relatively independent.However,it needs an overall security design for the whole application integrating solution.An integrated Web services security model is proposed,where the formal definition of the model and the key implementation techniques are given.The model achieves following security targets:uniform identity authentication based on certification,role-based access control and secure SOAP message transmission,which makes the model have characteristics of openness and dynamic adaptation.A prototype system is developed based on this model,the running results show that it can achieve above three secure targets,and makes the whole system more secure than single security technology.

申永军,董彬峰,吴小华

DOI: https://doi.org/10.3969/j.issn.1009-8097.2010.01.029

2010-01-01

Abstract:As the first defense line of network application systems,the identity authentication is the most important secure service.In the process of college education informatization,how to protect the information resource of college has caused extensive concern.In this paper,on the foundation of introduction of a one-time password identity authentication system---S/key system and Java Socket technology,we implement the one-time password identity authentication system In College Education Informatization using Java Socket technology,and give some important code as reference.

陈阳,佘堃,周明天

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.01.038

2005-01-01

Abstract:Here gives a design of expending security of J2EE architecture, which applied role-based access control to Web application on Internet. Web resources are considered as entitys identifiered by URI. An additional tire is applied to Web container to adapt 3th security products. The security issue considered in development phase can be moved to deployment.

CUI Jian-Ming,FAN Li-Lin,WANG Xiao-Dong

DOI: https://doi.org/10.3969/j.issn.1672-6871.2006.03.012

2007-01-01

Abstract:Security and reliability of Web Services-based distributed system is introduced.Main technologies of current Web Services data transfer are analyzed and their weak points discussed.On this base,a detailed solution,which is a combination of encryption and digital signature to communicate with customer-end with canonical XML,is put forward.The transfer security of share data and the reliable trust relation between Web Services Server and customer is enhanced by this solution.

Chen Zhao,Yang Chen,Dawei Xu,NuerMaimaiti Heilili,Zuoquan Lin

DOI: https://doi.org/10.1007/11563952_54

2005-01-01

Abstract:In enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork of security controls no longer suffices. Enterprises require a comprehensive solution that provides centralized security management, from authentication, to authorization and to auditing. To this end, we present a design and implementation of an integrative security management solution for Web-based enterprise applications, WebDaemon. It provides Single Sign-On to multiple Web applications. It also provides restricted access to Web-based content, portals, and Web applications based on Role-Based Access Control (RBAC) policies. The WebDaemon can help enterprises secure all Web resources with consistency of policy management and reduced administrative costs.

Wenjun Zhang

DOI: https://doi.org/10.1109/IITSI.2010.8

2010-01-01

Abstract:To address the challenges in Web services security, the author firstly analyzed threats facing Web services and related security standards, presented integrated security framework based on use of authentication, authorization, confidentiality, and integrity mechanisms for Web services, and proposed how to integrate and implement these security mechanisms in order to make Web services robust against the attacks.

Jiang Lifeng,Zhao Baohua

DOI: https://doi.org/10.3321/j.issn:1002-8331.2006.18.071

2006-01-01

Abstract:In the face of more and more problems of security of application information system,this paper analyses the disadvantage and shortage of traditional authentication authorization system.It promotes the whole structure of authentication authorization system based on the Java Authentication Authorization Service framework and model of Role-Based Access Control and its realization process are given.Some relative key techniques including the design of authentication module and authorization module are emphasized.

Xu Qiting,Wang Xin,Gao Chuanshan

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.08.063

2007-01-01

Abstract:The security architecture of J2ME is introduced.through two aspects:JVM Security and Application Security;brings up how to exchange senstive datas in wireless network by analyzing the methods about wireless security provided by J2ME MIDP2.0.Then,considering the existing security problems,some viable suggestions are presented.

Liyan Chen,Qingqiang Wu,Huicheng Fu,Guanhong Qi

DOI: https://doi.org/10.1109/cecnet.2013.6703352

2013-01-01

Abstract:The paper presents an authentication system that allows the user to query expansive training certification records for the university student. Firstly, we analyze the requirements of authentication system and come up with feasible solutions on the basis of learning the plan on expansive training to the cultivation of student quality. Before carrying out the system, the paper introduces the design thought of developing the system and the network technology it needs, and decides the design idea of oriented object, technique standard of J2EE and Web Service as technical solutions. In the end of the paper, it mainly discusses how to apply the J2EE technology to design the whole framework of authentication system.

杨家海

DOI: https://doi.org/10.3969/j.issn.1000-7180.2003.12.020

2003-01-01

Abstract:After an overview of existing security control methods in CSCW systems, the paper proposes a new security control model which introduced the X.509 certificate-based authentication method into CSCW systems. Based on this model, the design and implementation of a secure multimedia conference system prototype, MCS/CA are discussed. In contrast to conventional conference system, MCS/CA enhanced integrated security control mechanism with certificate application, certificate-based authentication, session key negotiation, and data encryption/decryption.

Yu Dai

DOI: https://doi.org/10.1109/SSAIC61213.2024.00044

2024-01-10

Abstract:This paper uses JSP technology developed based on Java and with good platform scalability. This system has the characteristics of easy maintenance and easy expansion. It puts forward the design and development ideas of interactive dynamic communication website to solve the problems of traditional communication methods. According to the actual situation of interactive dynamic communication website, carry out demand analysis and feasibility analysis. Use the principle of Java technology to build the multimedia remote information platform, start with the connection between the security monitoring part of the multimedia remote information platform and the server and passenger plane, break the traditional method, study the key principle and function of Java technology, and design the multimedia remote information security monitoring platform, The data are analyzed through experiments to find the most suitable platform to ensure the security of remote network communication, so as to ensure the security of multimedia remote data and information.

Education,Computer Science