摘要
按照国家涉密信息系统分级保护标准规范要求,涉密信息系统需要对用户上传的涉密表单附件标定密级,限制低密级用户访问,并且加密存储。针对这个共性需求,提出了一种涉密表单附件PaaS服务设计方案,为基于PaaS平台搭建的各类涉密应用提供统一的附件服务,实现涉密附件的上传、登记、加密、存储、下载和管理功能,按照保密标准严格控制附件的允许访问的人员范围,上传下载过程中自动加密、解密,加密过程对用户透明,同时利用PaaS技术平台提供的应用伸缩能力,解决大批量文件加解密带来的性能瓶颈问题。
According to the national standards for classified protection of classified information systems,classified information systems need to identify secret level of classified forms attachment,restrict accessing of low-classified users,and store attachment with encryption.Aiming at this common requirement,a PaaS service design for classified form attachments is proposed,which provides a unified attachment service for all kinds of classified applications based on Paa S platform,realizes the functions of uploading,registering,encrypting,storing,downloading and managing for attachments,and strictly controls the accessors of attachments according to the security standards.user scope,implements automatic encryption and decryption in the process of uploading and downloading,the encryption process is transparent to users.At the same time,the application scalability provided by Paa S platform is used to solve the performance bottleneck caused by the encryption and decryption of large quantities of documents.
作者
胡昌平
姜厚禄
卞德志
杨哲
HU Chang-ping;JIANG Hou-lu;BIAN De-zhi;YANG Zhe(CSIC Information Technology Co.,Ltd.,Lianyungang 222006,China;Jiangsu Automation Research Institute,Lianyungang,222006,China)
出处
《软件》
2019年第11期208-212,共5页
Software
