网络教学支撑平台的安全管理研究与应用
|
摘要
随着教育技术以及计算机网络技术的不断发展,基于网络的远程教学也引起人们的广泛关注,目前已经成为现代远程教学的一个重要形式,而网络教学支撑平台是开展现代远程教学的重要基础。由于网络的开放性、网络协议自身存在的漏洞、应用程序编写者的疏忽等多方面原因造成了很多网络安全问题,因此网络教学支撑平台也存在着这些安全问题。网络教学支撑平台的安全会直接影响到教学活动是否能够正常进行,所以本文作者以网络教学支撑平台为对象较为系统地进行了安全管理方面的研究,提出了针对网络教学支撑平台的安全管理模型构造方法和实施方案,作者并以首都师范大学虚拟学习社区网络教学支撑平台为研究对象,进行了网络教学支撑平台安全管理系统的实际应用,取得了较好的应用效果。
文章主要分为六个部分。
第一部分,主要介绍了远程教育的一系列概念和理论,并且论述了远程教育、网络教学系统的发展和现状。
第二部分,作者介绍网络安全的相关理论,其中主要包括网络安全概述、网络的协议以及网络安全技术中涉及的网络驱动等问题。
第三部分,作者对网络教学支撑平台安全管理中的关键技术进行了详细的分析和研究。分析讨论了访问控制技术、数据包过滤技术以及驱动与应用程序通信技术,并且对他们的发展现状、优势和不足之处进行了分析。为安全管理平台的实现提供了技术的支持。
第四部分,作者在虚拟学习社区的基础上提出了一个网络教学支撑平台安全管理模型,并且详细论述了其结构框架、各模块的功能以及解决方案。
第五部分,作者对模型原型系统的开发过程及实现关键技术做了详细的论述。其中主要论述了数据包过滤模块、协议分析模块以及访问控制模块的实现。
最后,作者根据自己的研究成果指出了需要改进和进一步研究的地方。如何使得安全管理平台在网络教学系统中发挥更加积极有效的作用,还有待进一步的研究和实验。
Along with education technique and calculator networks technical develop continuously, according to the distance education of the network also cause people extensive concern, it become an important form of the modern distance education, and E-Education Platform is a important basic of the modem distance education . Because the network 's opening, network protocols' leak and programmers' neglect etc. various the reason resulted in the secure problem in a lot of networks. The E-Education Platform is used as the systems that medium proceeds teaching activity with the network, therefore it also exists these secure problems. The network education directly influents in safety teaching activity of the platform whether can normal proceeding, so the author studied systematically the secure management of the E-Education Platform, and put forward the security manage the structure method of the model. This security management system regard the conjecture study community of the capital Normal University as the research object, put forward the security management system for E-Education Platform. The article is divided into six parts primarily.
The first part, the author introduces a series of concept that distance education primarily with the theories, and discuss distance education, the development of the network teaching system with present condition.
The second part, the author introduces the security and related theories in network, among them include the network security primarily to say all, the network involved in protocol and analyzed their present condition, advantage and the shortage. The third part, the author analyzed and studied the key technique of E-Education Platform's security management. Analysis and discuss the access control technique, data packages' filter and the communication between driver and application, and analyze to their present condition, advantage with shortage. The security management platform realizes to provide the technical support.
The fourth part, the author put forward the security management model in the
conjecture study community of the capital Normal University, and discussed function
and solutions of his construction frame, each mold piece.
The fifth part, the author to the process of development of the model prototype system
and realize the key technique did the detailed treatise. Among them discussed
primarily the data pack filters mold piece, agreement analysis mold piece and the
access control mold piece.
Finally, the author pointed out the improvements that her study needed according to
her research achievements. Making the system play effective role in E-Education that
need further study and experiments.
文章主要分为六个部分。
第一部分,主要介绍了远程教育的一系列概念和理论,并且论述了远程教育、网络教学系统的发展和现状。
第二部分,作者介绍网络安全的相关理论,其中主要包括网络安全概述、网络的协议以及网络安全技术中涉及的网络驱动等问题。
第三部分,作者对网络教学支撑平台安全管理中的关键技术进行了详细的分析和研究。分析讨论了访问控制技术、数据包过滤技术以及驱动与应用程序通信技术,并且对他们的发展现状、优势和不足之处进行了分析。为安全管理平台的实现提供了技术的支持。
第四部分,作者在虚拟学习社区的基础上提出了一个网络教学支撑平台安全管理模型,并且详细论述了其结构框架、各模块的功能以及解决方案。
第五部分,作者对模型原型系统的开发过程及实现关键技术做了详细的论述。其中主要论述了数据包过滤模块、协议分析模块以及访问控制模块的实现。
最后,作者根据自己的研究成果指出了需要改进和进一步研究的地方。如何使得安全管理平台在网络教学系统中发挥更加积极有效的作用,还有待进一步的研究和实验。
Along with education technique and calculator networks technical develop continuously, according to the distance education of the network also cause people extensive concern, it become an important form of the modern distance education, and E-Education Platform is a important basic of the modem distance education . Because the network 's opening, network protocols' leak and programmers' neglect etc. various the reason resulted in the secure problem in a lot of networks. The E-Education Platform is used as the systems that medium proceeds teaching activity with the network, therefore it also exists these secure problems. The network education directly influents in safety teaching activity of the platform whether can normal proceeding, so the author studied systematically the secure management of the E-Education Platform, and put forward the security manage the structure method of the model. This security management system regard the conjecture study community of the capital Normal University as the research object, put forward the security management system for E-Education Platform. The article is divided into six parts primarily.
The first part, the author introduces a series of concept that distance education primarily with the theories, and discuss distance education, the development of the network teaching system with present condition.
The second part, the author introduces the security and related theories in network, among them include the network security primarily to say all, the network involved in protocol and analyzed their present condition, advantage and the shortage. The third part, the author analyzed and studied the key technique of E-Education Platform's security management. Analysis and discuss the access control technique, data packages' filter and the communication between driver and application, and analyze to their present condition, advantage with shortage. The security management platform realizes to provide the technical support.
The fourth part, the author put forward the security management model in the
conjecture study community of the capital Normal University, and discussed function
and solutions of his construction frame, each mold piece.
The fifth part, the author to the process of development of the model prototype system
and realize the key technique did the detailed treatise. Among them discussed
primarily the data pack filters mold piece, agreement analysis mold piece and the
access control mold piece.
Finally, the author pointed out the improvements that her study needed according to
her research achievements. Making the system play effective role in E-Education that
need further study and experiments.
引文
[1] (美) Michael Howard David LeBlanc 著,程永敬 庄锦山等译,《编写安全的代码》,机械工业出版社
[2] 丁兴富- 《远程教育学》,北京师范大学,面向二十一世纪教材
[3] 徐胜全、何克抗- 基于Internet的教学系统 -http://202.112.88.32/lab/group/ysq/基于Internet的教学系统(修订).htm
[4] 吴中符,符云清,王康,李华.《基于web的远程教育管理及实现》.计算机应用,Vol 18,No 8,Aug.1998.
[5] Mark J.Taylor, David England, David Gresty. Internet Research: Electronic Networking Applications and Policy. Knowledge for Web sit development, ISSN 1066-2243, Volume 11, Number 5(2001).
[6] Bill Hancock. Network Security: The Unsolved Mystery. Network Security, ISSN 1353-4858, February 1999.
[7] 吴承荣,廖健,张世永.《网络安全审计系统的设计与实现》.计算机工程,Vol 25 October 1999.
[8] 王海洲.《网络安全管理的分布模型构造》.电子计算机与外部设备,Vol 25,No 5,1999
[9] 何全胜,姚国祥.《网络安全需求分析及安全策略研究》.计算机工程,Vol.26,NO 6,June 2000.
[10] Ray Hunt. Internet/Intranet firewall Security-Policy, architecture and transaction
services[J]. Computor communications, 1998,21,1107-1123.
[11] 杨槟.《网络安全与防火墙》.计算机系统应用,NO 3,1977.
[12] 柯海丰,吴明辉.《网络入侵检测技术》.计算机时代,Vol 7,2001.
[13] 陈科,李之棠.《网络入侵监测系统和防火墙集成的框架模形》.计算机工程于科学,Vol 23,No 3,2001.
[14] (美) W.Richard Stevens 范建华,胥光辉,张涛等译《TCP/IP详解》卷1:协议,机械工业出版社
[15] 微软驱动开发包Microsoft DDK
[16] (美) Art Baker 著,科欣翻译组译,《Windows NT设备驱动程序设计指南》,机械工业出版社
[17] John Hale, Jody Threet, Sujeet Shenoi. A ticket-based access control architecture for object systems. Journal of Computer Security, ISSN:0926-227x, Vol 8, NO 1 2000
[18 Ralph Spencer Poore, CFE, CISA, CISSP. Access Control Using Attribute Certificates. Information Systems Security. ISSN LOb5-898x, Vol 9 NUMBER 1 MARCH/APRL 2000.
[19] Gnter Karjoth. Authorization in CORBA Security. Journal of Computer Security, ISSN:0926-227x, Vol 8, NO 1 2000
[20] Elisa Bertino, Francesoc Buccafurri, Elena Ferrari, Pasqual Rullo. A logic-based approach for enforcing access control. Journal of Computer Security, ISSN:0926-227x, Vol 8, NO 1 2000
[21] Carlo Bellettini, Università degli Studi di Milano, Elisa Bertino, Università degli Studi di Milano, Elena Ferari, Università degli Studi dell' Insubria. Role Based Access Control Models. Information Security Technial Report, ISSN:B6-4127,Vol6,NO.2(2001).
[22] 陈庆章,林建明,赵新建,胡同森.《WWW与数据库集成系统的用户权限管理》.计算机工程与应用,June 2001
[23] (美) Gary Nebbett 著,齐舒创作室 译,《Windows NT/2000本机API参考手册》,
机械工业出版社
[24] Paul McDermott, Utimaco Safeware. Building Trust Into Online Business. Network Security, ISSN 1353-4858, October 2000.
[25] 黄志清.《网络安全中的数据加密研究》.微型电脑应用,Vol 16,No 6,2000.
[26] 唐韶华,马卫华.《基于数字签名的用户认证方案》.计算机工程与应用,No 5,April 1999
[2] 丁兴富- 《远程教育学》,北京师范大学,面向二十一世纪教材
[3] 徐胜全、何克抗- 基于Internet的教学系统 -http://202.112.88.32/lab/group/ysq/基于Internet的教学系统(修订).htm
[4] 吴中符,符云清,王康,李华.《基于web的远程教育管理及实现》.计算机应用,Vol 18,No 8,Aug.1998.
[5] Mark J.Taylor, David England, David Gresty. Internet Research: Electronic Networking Applications and Policy. Knowledge for Web sit development, ISSN 1066-2243, Volume 11, Number 5(2001).
[6] Bill Hancock. Network Security: The Unsolved Mystery. Network Security, ISSN 1353-4858, February 1999.
[7] 吴承荣,廖健,张世永.《网络安全审计系统的设计与实现》.计算机工程,Vol 25 October 1999.
[8] 王海洲.《网络安全管理的分布模型构造》.电子计算机与外部设备,Vol 25,No 5,1999
[9] 何全胜,姚国祥.《网络安全需求分析及安全策略研究》.计算机工程,Vol.26,NO 6,June 2000.
[10] Ray Hunt. Internet/Intranet firewall Security-Policy, architecture and transaction
services[J]. Computor communications, 1998,21,1107-1123.
[11] 杨槟.《网络安全与防火墙》.计算机系统应用,NO 3,1977.
[12] 柯海丰,吴明辉.《网络入侵检测技术》.计算机时代,Vol 7,2001.
[13] 陈科,李之棠.《网络入侵监测系统和防火墙集成的框架模形》.计算机工程于科学,Vol 23,No 3,2001.
[14] (美) W.Richard Stevens 范建华,胥光辉,张涛等译《TCP/IP详解》卷1:协议,机械工业出版社
[15] 微软驱动开发包Microsoft DDK
[16] (美) Art Baker 著,科欣翻译组译,《Windows NT设备驱动程序设计指南》,机械工业出版社
[17] John Hale, Jody Threet, Sujeet Shenoi. A ticket-based access control architecture for object systems. Journal of Computer Security, ISSN:0926-227x, Vol 8, NO 1 2000
[18 Ralph Spencer Poore, CFE, CISA, CISSP. Access Control Using Attribute Certificates. Information Systems Security. ISSN LOb5-898x, Vol 9 NUMBER 1 MARCH/APRL 2000.
[19] Gnter Karjoth. Authorization in CORBA Security. Journal of Computer Security, ISSN:0926-227x, Vol 8, NO 1 2000
[20] Elisa Bertino, Francesoc Buccafurri, Elena Ferrari, Pasqual Rullo. A logic-based approach for enforcing access control. Journal of Computer Security, ISSN:0926-227x, Vol 8, NO 1 2000
[21] Carlo Bellettini, Università degli Studi di Milano, Elisa Bertino, Università degli Studi di Milano, Elena Ferari, Università degli Studi dell' Insubria. Role Based Access Control Models. Information Security Technial Report, ISSN:B6-4127,Vol6,NO.2(2001).
[22] 陈庆章,林建明,赵新建,胡同森.《WWW与数据库集成系统的用户权限管理》.计算机工程与应用,June 2001
[23] (美) Gary Nebbett 著,齐舒创作室 译,《Windows NT/2000本机API参考手册》,
机械工业出版社
[24] Paul McDermott, Utimaco Safeware. Building Trust Into Online Business. Network Security, ISSN 1353-4858, October 2000.
[25] 黄志清.《网络安全中的数据加密研究》.微型电脑应用,Vol 16,No 6,2000.
[26] 唐韶华,马卫华.《基于数字签名的用户认证方案》.计算机工程与应用,No 5,April 1999