摘要
针对基于加密保护统一资源定位符(Uniform Resoure Locator,URL)的算法模型存在安全和性能问题,提出一种基于短链接保护URL的映射模型。映射模型将要访问的URL映射为一个短链接,将映射关系存入KK高速缓存,返回短链接给用户。然后用户访问短链接,系统截获该请求,查询高速缓存将短链接解析为URL,再将URL替换为真实的请求,完成后续的处理流程。整个映射模型中,用户只能看到短链接,无法获取进一步的信息,也不能修改GET参数,从而达到保护系统的目的。在PHP中测试发现,映射模型比算法模型快几十倍。映射模型具有处理速度快和不存在密钥泄漏威胁等优点,能够提高Web应用的安全性。
Aiming at the security and performance problems of URL protection model based on encryption algorithm,an URL protection model based on short link mapping is proposed.The mapping model maps an URL that will be accessed onto a short link,stores the mapping relationship in the KK cache,and returns the short link to the user.When the user accesses the short link,the system intercepts the request,query the cache to map the short link onto the URL,and then replaces the URL with the real request to complete the subsequent processing flow.In the mapping model,users can only see short links,can not obtain further information,and can not modify the get parameters,thus achieving the goal of protecting the system.Tests in PHP found that the mapping model is dozens of times faster than the algorithm model.The mapping model has the advantages of fast processing speed and no threat of key leakage,which can improves the security of Web applications.
作者
张文盛
章红琴
Zhang Wensheng;Zhang Hongqin(Center for Information Technology and Network Management,Radio&TV University,Hefei 230022,China;Second Marketing Department,Hefei Hengzhuo Technology Limited,Hefei 230022,China)
出处
《信息技术与网络安全》
2019年第12期15-18,25,共5页
Information Technology and Network Security
基金
2018年度安徽高校自然科学研究项目(KJ2018A0686)
安徽电大科研项目(JY17-01)
