摘要
随着Web技术的不断发展,Web技术得到广泛应用,针对Web应用的攻击方法也日新月异。针对Web应用安全防御中出现的防护方法不当等问题,提出了一种基于系统生命周期的Web应用系统安全解决方案。方案在系统的设计、建设、部署和运维中融入了安全设计、安全部署、加固防护、安全测评及应急响应等安全措施,弥补了传统安全防护方案在应用安全防护方面的不足,具有一定的实用价值。
To solve the problems in web application security protection, a comprehensive solution based on the life cycle of Web application is proposed, and various Web application security measures are fused in the system design, construction, deployment, operation and maintenance. This solution could remedy the deficiencies in application security of traditional security solutions, and thus is of certain practical value.
出处
《信息安全与通信保密》
2010年第11期48-50,共3页
Information Security and Communications Privacy
