图书馆网站内容防护系统的研究与实现
|
摘要
随着互联网的发展,网络环境下的信息资源将面临着黑客攻击、病毒感染等一系列的威胁,如何保证数据的保密性、完整性、可靠性和可用性是个急待解决的问题。目前,我国对于网络信息安全的问题非常重视,许多科研机构和企事业单位也在这一领域进行着卓有成效的研究。然而,直接针对图书馆界网站内容防护的研究却不多,虽然大多数图书馆都已经建立了网站,但对于其网站的内容防护却少有关注,或重视不够。
围绕图书馆网站内容安全防护系统的研究与实现这一主题,本文所做的工作主要体现在:
1.在综合与比较现有信息系统安全防护模型的基础上,充分考虑了图书馆网站内容防护的应用背景,提出了网站内容安全防护模型。该模型较普通的网站内容防护模型,既具有针对特定的用户群,充分考虑图书馆网站内容防护的个性特点,也具有良好的可扩展性;
2.在深入分析数字签名技术、多线程技术的基础上,给出了签名文件的统一格式,实现了对网页防护的监控,提高了系统的效率;
3.设计与实现了图书馆网站内容安全防护系统,该系统由定制检测网页模块,定时检测模块,实时检测模块,日志管理模块和数据备份模块五部分组成。经测试,该系统较好地解决了图书馆网站内容安全防护问题,有效地提高了系统的安全性。
本论文的研究成果已经在某省图书馆网站得到应用,为图书馆网站内容防护的研究提供了新的思路和方法,具有一定的实用价值。
With the development of Internet, information resources in network are threatened by the attack of hackers and viruses. It is urgent to guarantee the confidentiality, integrity, reliability and availability of information. Now, our country is beginning to realize the importance of the security of website information, and many scientific institutions and enterprises are researching and exploring in this field. However, there are only a few of researches straight aimed at content protected of library website. Many libraries have established their own websites, but few attention are paid to the content protection of website, or the recognition was not enough at all.Surrounding the research and implementation on Content Protection System of Library Website(CPSLW), the following contents are studied in this thesis.1.On the Base of the integration and comparison of the security protecting models of information system at present, a model of security protecting of Website content was proposed. Compared with common model of content protection of Website, this model has not only the characteristic of aiming at the specific user group, but also possesses good expansibility.2. Based on the thorough analysis of digital sign technique and multithreading technique, the uniform format of signature format was presented, the supervision of content protected of website was realized, and the efficiency of system was improved.3. The CPSLW is designed and realized. The system is composed of customizing checking web page module, timing checking module, real time checking module, log managing module, data backup module and so on. After tested, the problem of content security protection of library website was mainly solved, and the security of system was also improved effectively.The research done in this dissertation has already been applied to a library website of certain province. It provides a new method of library web content protection and has important practical values.
围绕图书馆网站内容安全防护系统的研究与实现这一主题,本文所做的工作主要体现在:
1.在综合与比较现有信息系统安全防护模型的基础上,充分考虑了图书馆网站内容防护的应用背景,提出了网站内容安全防护模型。该模型较普通的网站内容防护模型,既具有针对特定的用户群,充分考虑图书馆网站内容防护的个性特点,也具有良好的可扩展性;
2.在深入分析数字签名技术、多线程技术的基础上,给出了签名文件的统一格式,实现了对网页防护的监控,提高了系统的效率;
3.设计与实现了图书馆网站内容安全防护系统,该系统由定制检测网页模块,定时检测模块,实时检测模块,日志管理模块和数据备份模块五部分组成。经测试,该系统较好地解决了图书馆网站内容安全防护问题,有效地提高了系统的安全性。
本论文的研究成果已经在某省图书馆网站得到应用,为图书馆网站内容防护的研究提供了新的思路和方法,具有一定的实用价值。
With the development of Internet, information resources in network are threatened by the attack of hackers and viruses. It is urgent to guarantee the confidentiality, integrity, reliability and availability of information. Now, our country is beginning to realize the importance of the security of website information, and many scientific institutions and enterprises are researching and exploring in this field. However, there are only a few of researches straight aimed at content protected of library website. Many libraries have established their own websites, but few attention are paid to the content protection of website, or the recognition was not enough at all.Surrounding the research and implementation on Content Protection System of Library Website(CPSLW), the following contents are studied in this thesis.1.On the Base of the integration and comparison of the security protecting models of information system at present, a model of security protecting of Website content was proposed. Compared with common model of content protection of Website, this model has not only the characteristic of aiming at the specific user group, but also possesses good expansibility.2. Based on the thorough analysis of digital sign technique and multithreading technique, the uniform format of signature format was presented, the supervision of content protected of website was realized, and the efficiency of system was improved.3. The CPSLW is designed and realized. The system is composed of customizing checking web page module, timing checking module, real time checking module, log managing module, data backup module and so on. After tested, the problem of content security protection of library website was mainly solved, and the security of system was also improved effectively.The research done in this dissertation has already been applied to a library website of certain province. It provides a new method of library web content protection and has important practical values.
引文
[1] http://www.riptech.com
[2] http://www.people.com.cn
[3] 高延玲,张玉清,白宝明,王新梅.网页防护系统综述,计算机工程,2004.5
[4] 刘欣然.网络攻击分类技术综述.通讯学报,2004.7
[5] Best Web Site Protect solution—Webpage Protector, http://www.share2s.com/protect.html
[6] WebAgain, Automatic Web Site Protection, http://www.lockstep.com/products/webagain/wa-nroduct.html
[7] 安泰科创推出核心内嵌式网页防篡改系统,http://www.chin.com.cnlhydt/dz/dz0209/dz0910-1.htm
[8] 长沙雨人WebKeeper网站监测与自动修复系统,http://www.csyuren.com/product.htm
[9] 龙马卫士防主页篡改系统,http://www.wlm.com.cn/products/wlmweb.htm
[10] JITsWeb吉大正元安全信息发布管理系统,http://www.jit.com.cn/level/leve12/leve112sweb.htm
[11] 三0盛安鹰眼主页防篡改系统,http://www.30san.com/np_01hawkeye04.htm
[12] 伟思信安网站防护神WaveBreaker,http://www.victory-idea.com/download/userguide.htm
[13] 中创网页防篡改系统,http://www.cvicse.com.cn/index.jsp
[14] “磐石”网站监控与恢复系统技术白皮书,http://www.netpower.com.cn/JIEJUE/chanpin/baipishu/web.pdf
[15] 诺方网页卫士,http://www netfront.com.cn/products/guard.htm
[16] Robert L. Scheier. Safer Than You Think. Computerworld, 2002. 36
[17] Paul Baracos. Hackers seek leaks in insecure Web sites. InTech/Instrument Society of America, 2000. 2
[18] Website Security Administrator Authorization Lawson Support Website-http://support.lawson.com
[19] 蔡敏.加密技术浅析.网络信息安全,2004.12
[20] 冯登国,密码分析学.北京:清华大学出版社,2002
[21] E. Bham. New Types of Cryptanalytic Attacks Using Related Keys. Technical Report #753, Computer Science Department, Technion-Israel Institute of technology, Sep 1992.
[22] Markus G. Kuhn. An Asymmetric Security Mechanism for Navigation Signals. www.cl.cam.ac.uk/-mgk25/
[23] M. Bishop. An Application for a Fast Data Encryption Standard Implementation. Computing Systems, v. 2, n. 4, Dec 1991, pp. 221-254.
[24] 刘娇蛟,晋建秀.基于单向散列函数的双向身份鉴别.信息技术,2004.7
[25] E. Biham. On the Applicability of Differential Cryptanalysis to Hash Functions. Lecture at EIES Workshop on Cryptographic Hash functions, 17 Mar 1992.
[26] 薛之昕,洪胜华.数字签名算法MD5的FPGA高速实现.信息技术,2004.9
[27] T. ElGamal, A public-key cryptosystem and a signature scheme based on discrete logarithms IEEE Trans. Inform. Theory, 31, 469-472, 1985.
[28] 刘知贵,杨立春.基于PKI技术的数字签名身份认证系统.计算机应用研究,2004.9
[29] 唐权华,金炜东.成长性身份认证.网络安全技术与应用,2004.12
[30] Chaum, David. "Secret Ballot Receipts and Transparent Integrity-Better and less-costly electronic voting at polling places", http://www.vreceipt.com/article.pdf
[31] 郭正荣,周城.SSL协议工作过程及其应用.网络安全技术与应用,2004.5
[32] 钟熙宇.SSL协议及其应用.计算机与数字工程,2004.5
[33] 钱秀槟.基于数据库的动态网页内容监控技术.计算机安全,2003.10
[34] 黎中志.高校图书馆网站建设研究.重庆工商大学学报(自然科学版),2004.2
[35] 王玲,连宇江.简论图书馆网站建设的原则.图书馆论坛,2004.1
[36] 中华人民共和国保守国家秘密法[S].1989,5
[37] 邢栩嘉,林闯.计算机系统脆弱性评估研究.计算机学报,2004.1
[38] 赵英杰,杨晓蓉.网络环境下的信息安全及其研究方向.农业网络信息,2004.3
[39] 黄亮,黄菊香.校园网络信息安全的威胁与防范.现代情报,2004.1
[40] 刘燕妮.信息时代图书馆网络安全与对策.重庆工商大学学报(自然科学版),2004.1
[41] 黄德玲.关于公共图书馆网站建设的思考.安徽农业大学学报(社科版),2004.4
[42] http://www.hk.is-one.net/eng/security_solution.htm, 2004. 03.
[43] http://www.kingshield.com/netsec/solution.asp, 2004. 03.
[44] IATF 3.0, Information Assurance Technical Framework 3.0, 2000. 09, National Security Agency(NSA), American. http://www.iatf.net.
[45] 中国计算机软件与技术服务总公司信息安全实验室.中国信息安全体系结构基本框架与构想.http://xexploit.css.com.cn/about/news/12.htm,2002.8.28.
[46] 赵战生,左晓栋.警惕内贼.中国计算机报,2001.08.09.
[47] 赵战生.信息安全保障的技术需求和发展.赛迪评测,2002.8.22.
[48] 裴晋泽,胡华平,周金泉.基于APDR信息系统安全防护体系模型的分级防护策略研究.中国计算机学会信息保密专业委员会论文集第十四卷,2004
[49] 中华人民共和国国家标准——计算机信息系统安全保护等级划分准则
[50] 计算机信息系统安全等级保护数据库管理技术要求——安全等级划分技术要求,2002.7.18
[2] http://www.people.com.cn
[3] 高延玲,张玉清,白宝明,王新梅.网页防护系统综述,计算机工程,2004.5
[4] 刘欣然.网络攻击分类技术综述.通讯学报,2004.7
[5] Best Web Site Protect solution—Webpage Protector, http://www.share2s.com/protect.html
[6] WebAgain, Automatic Web Site Protection, http://www.lockstep.com/products/webagain/wa-nroduct.html
[7] 安泰科创推出核心内嵌式网页防篡改系统,http://www.chin.com.cnlhydt/dz/dz0209/dz0910-1.htm
[8] 长沙雨人WebKeeper网站监测与自动修复系统,http://www.csyuren.com/product.htm
[9] 龙马卫士防主页篡改系统,http://www.wlm.com.cn/products/wlmweb.htm
[10] JITsWeb吉大正元安全信息发布管理系统,http://www.jit.com.cn/level/leve12/leve112sweb.htm
[11] 三0盛安鹰眼主页防篡改系统,http://www.30san.com/np_01hawkeye04.htm
[12] 伟思信安网站防护神WaveBreaker,http://www.victory-idea.com/download/userguide.htm
[13] 中创网页防篡改系统,http://www.cvicse.com.cn/index.jsp
[14] “磐石”网站监控与恢复系统技术白皮书,http://www.netpower.com.cn/JIEJUE/chanpin/baipishu/web.pdf
[15] 诺方网页卫士,http://www netfront.com.cn/products/guard.htm
[16] Robert L. Scheier. Safer Than You Think. Computerworld, 2002. 36
[17] Paul Baracos. Hackers seek leaks in insecure Web sites. InTech/Instrument Society of America, 2000. 2
[18] Website Security Administrator Authorization Lawson Support Website-http://support.lawson.com
[19] 蔡敏.加密技术浅析.网络信息安全,2004.12
[20] 冯登国,密码分析学.北京:清华大学出版社,2002
[21] E. Bham. New Types of Cryptanalytic Attacks Using Related Keys. Technical Report #753, Computer Science Department, Technion-Israel Institute of technology, Sep 1992.
[22] Markus G. Kuhn. An Asymmetric Security Mechanism for Navigation Signals. www.cl.cam.ac.uk/-mgk25/
[23] M. Bishop. An Application for a Fast Data Encryption Standard Implementation. Computing Systems, v. 2, n. 4, Dec 1991, pp. 221-254.
[24] 刘娇蛟,晋建秀.基于单向散列函数的双向身份鉴别.信息技术,2004.7
[25] E. Biham. On the Applicability of Differential Cryptanalysis to Hash Functions. Lecture at EIES Workshop on Cryptographic Hash functions, 17 Mar 1992.
[26] 薛之昕,洪胜华.数字签名算法MD5的FPGA高速实现.信息技术,2004.9
[27] T. ElGamal, A public-key cryptosystem and a signature scheme based on discrete logarithms IEEE Trans. Inform. Theory, 31, 469-472, 1985.
[28] 刘知贵,杨立春.基于PKI技术的数字签名身份认证系统.计算机应用研究,2004.9
[29] 唐权华,金炜东.成长性身份认证.网络安全技术与应用,2004.12
[30] Chaum, David. "Secret Ballot Receipts and Transparent Integrity-Better and less-costly electronic voting at polling places", http://www.vreceipt.com/article.pdf
[31] 郭正荣,周城.SSL协议工作过程及其应用.网络安全技术与应用,2004.5
[32] 钟熙宇.SSL协议及其应用.计算机与数字工程,2004.5
[33] 钱秀槟.基于数据库的动态网页内容监控技术.计算机安全,2003.10
[34] 黎中志.高校图书馆网站建设研究.重庆工商大学学报(自然科学版),2004.2
[35] 王玲,连宇江.简论图书馆网站建设的原则.图书馆论坛,2004.1
[36] 中华人民共和国保守国家秘密法[S].1989,5
[37] 邢栩嘉,林闯.计算机系统脆弱性评估研究.计算机学报,2004.1
[38] 赵英杰,杨晓蓉.网络环境下的信息安全及其研究方向.农业网络信息,2004.3
[39] 黄亮,黄菊香.校园网络信息安全的威胁与防范.现代情报,2004.1
[40] 刘燕妮.信息时代图书馆网络安全与对策.重庆工商大学学报(自然科学版),2004.1
[41] 黄德玲.关于公共图书馆网站建设的思考.安徽农业大学学报(社科版),2004.4
[42] http://www.hk.is-one.net/eng/security_solution.htm, 2004. 03.
[43] http://www.kingshield.com/netsec/solution.asp, 2004. 03.
[44] IATF 3.0, Information Assurance Technical Framework 3.0, 2000. 09, National Security Agency(NSA), American. http://www.iatf.net.
[45] 中国计算机软件与技术服务总公司信息安全实验室.中国信息安全体系结构基本框架与构想.http://xexploit.css.com.cn/about/news/12.htm,2002.8.28.
[46] 赵战生,左晓栋.警惕内贼.中国计算机报,2001.08.09.
[47] 赵战生.信息安全保障的技术需求和发展.赛迪评测,2002.8.22.
[48] 裴晋泽,胡华平,周金泉.基于APDR信息系统安全防护体系模型的分级防护策略研究.中国计算机学会信息保密专业委员会论文集第十四卷,2004
[49] 中华人民共和国国家标准——计算机信息系统安全保护等级划分准则
[50] 计算机信息系统安全等级保护数据库管理技术要求——安全等级划分技术要求,2002.7.18