摘要
访问控制是信息安全和开放的Web服务器必须满足的安全需要。主流的访问控制技术是从系统整体考虑,提供实施访问控制策略的技术平台。文章从信息安全和经济效益的角度综合考虑,提出了针对不同Web需求的部分访问控制技术,它在整体访问控制技术平台的基础上,根据Web访问浏览实际过程,利用脚本ASP执行访问任务的特点,以及URL传递参数表达资源在数据库中的位置属性,实现对Web信息资源的部分访问控制,在低成本付出的基础上解决了Web访问的安全性问题。
Access control technology is necessary for information security and open Web service.Main access control technology considers the system as a whole and provides the technical platform to implement access control policy.In the view of information security and economic benefit,this article presents part access control technologies according to different demands of Web.Based on the platform of whole access control technology,according to the process of Web browsing,part access control of Web information resource can be realized through script Microsoft Active Server Pages(ASP) access and the pass parameters of Uniform Resource Locator(URL) expressing the attributes of location in database.It can resolve security problems of Web access at a low cost.
出处
《信息与电子工程》
2010年第3期349-352,共4页
information and electronic engineering
