摘要
针对一般网络应用系统的特征,融合了数据加密、身份认证和访问控制三种安全技术和机制,并充分考虑了系统安全性需求与可用性、成本之间的平衡,提出了一个以信息资源传输和存储安全保护,身份认证安全管理和资源访问安全控制为基本要素的网络应用系统信息安全模型,为加强中小型企业网络应用系统安全性提供了一个比较简单可行的方案。
The paper presents and information security model for Internet application system in the light of features of general Internet application system which consists of three basic elements : security protection of information transmission and storage,identity authentication safety management and resource access authorization. The model merged security three technologies and mechanism including data cryptograph, identity authentication and access authorization and took full account of system balance among security requirement, availability and cost. The model provides a fairly easy and feasible approach to small and medium-sized enterprises for strengthening securities on their Internet application system.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第5期244-245,278,共3页
Computer Applications and Software
关键词
安全技术和机制
身份认证
访问控制
数据加密
Security technology and mechanism Authentication Authorization Data encrypt
