ASP网站的安全性研究与实现

ASP Web Security Research and Implementation

ASP（Active Serve Page）是由微软开发的一种服务器端脚本开发环境，它结合了ADO组建，能够完成Web数据库中如增删、查询、更新等绝大部分功能，也可以创建及运行交互、动态的服务程序，能够在很大程度上给数据库运行带来便捷，但在技术运行中也存在着很多安全方面的漏洞，如何解决这一问题对于网络环境下的数据安全及应用系统的正常运行有着极其重要的意义。本文笔者结合自己对ASP动态网站的开发经验，就ASP程序设计中信息安全方面存在的隐患进行分析，对ASP网站设计中的常见安全漏洞进行了探讨，并从程序设计的角度提出了自己关于WEB信息安全防范的揸议以棋泰老．

ASP（Active Serve Page）is developed by Microsoft as a server-side scripting development environment,which combines the ADO formed,to complete a Web database,such as deletions,query,update,etc.Most of the functions,you can create and run interactive and dynamic service program,to a great extent to bring convenience to the database to run,but in the technical operation,there are a lot of security vulnerabilities,how to solve this problem for the network environment,data security and application systems to normal operation has an important significance.This author combines his own on the ASP dynamic website development experience,the ASP program design information security risks that exist in the analysis of the ASP website design common security vulnerabilities were discussed, and from the programming point of view put forward their own on the WEB information security recommendations for reference.