摘要
随着互联网行业的快速崛起,无论是对于企业还是用户,都面临用户隐私或者用户数据的保护问题。各种用户信息泄露事件层出不穷,Web应用的安全问题日益凸显,如何有效保护企业数据安全是开发者紧迫需要解决的问题。需要一个简单、有效、强大和容易使用的权限的描述符,能轻松和应用程序融合,解决企业安全应用面临的各种安全问题。如何有效、准确和简单地保护用户数据,细粒度和多层次地控制用户对于资源的访问权限,成为一个亟待解决的问题。
With the rapid rise of the Internet industry,both corporate and user users are facing the protection of user privacy or user data.Various user information disclosure incidents emerge one after another,and the security of Web applications is becoming more and more prominent.How to effectively protect enterprise data security is an urgent problem that developers need to solve.A simple,efficient,powerful,and easy-to-use descriptor is needed to easily integrate with applications to address the security issues facing enterprise security applications.How to effectively,accurately and simply protect user data,and achieve the general fine-grained and multi-level control of the user′s access to resources has become an urgent problem to be solved.
作者
刘志涛
周淦
Liu Zhitao;Zhou Gan(National Computer System Engineering Research Institute of China,Beijing 100083,China)
出处
《信息技术与网络安全》
2019年第2期29-32,共4页
Information Technology and Network Security
关键词
Shiro
安全框架
认证
授权
加密
Shiro
security framework
authentication
authorization
encryption
