基于Android的密码管理系统的设计与实现
|
摘要
随着计算机科学技术的迅速发展不和计算机网络的广泛应用,企业、高校等机构纷纷建设和完善自己的网络环境。随着网络基础设施数量的不断增多,需要管理的账户和密码也不断增加,这对原有的密码管理方式提出了严峻的挑战。论文分析了大型网络环境的密码管理工作中存在的安全隐患和弊端,在充分了解现有企业中密码管理需求的基础上,具体分析、详细设计并基于Android智能手机平台,采用JSP、HTML5、 MySQL数据库等开发技术实现了密码管理系统。系统在校园网环境中测试并运行良好,能够集中存储各类网络资源的账户和密码,明确密码授权,控制密码强度,完成密码重置和备份。网络管理员使用该系统能够方使的通过智能手机和浏览器对密码进行管理,提高了密码管理的效率,保证了网络运维安全,具有较强的实用性。本文阐述了课题的选题背景和意义、国内外的研究现状,详细描述了系统研发过程中使用的相关技术与理论基础,按照软件工程的开发过程,从系统的设计、实现和测试等各个阶段分别进行了讨论,最后对论文的工作内容进行了总结。
With the rapid development of computer science and the wide use of computer networks, enterprises and institutions such as colleges and universities are developing and improving their network environment.The number of administrative passwords keeps on growing as more and more servers, devices and applications have been added to the campus, which makes the original password management a big challenge. The thesis analysises the safety problems and defects in the existing password management of large-scale network environment. The password management system was studied and designed depending fully on good understanding of the current status of the password management and the demands. The system was based on hybrid architecture and developed on Android platform, using JSP, HTML5, MySQL database and other technologies. It stored accounts and passwords centrally, providing clear password ownership, controling password safety and handling the password reset and backup which was tested well in the campus network environment. Administrators use the system to manage passwords conveniently by smartphones and web browsers. It was proved to improve the high efficiency of the password management, to ensure the safety of the network operations, and to have strong practical applicability. In the thesis, the background and significance of the study were given, the related technologies and development environment were simply described, the design and implementation of the system were discussed in detail, and the summary and outlook of this study is given at the end.
With the rapid development of computer science and the wide use of computer networks, enterprises and institutions such as colleges and universities are developing and improving their network environment.The number of administrative passwords keeps on growing as more and more servers, devices and applications have been added to the campus, which makes the original password management a big challenge. The thesis analysises the safety problems and defects in the existing password management of large-scale network environment. The password management system was studied and designed depending fully on good understanding of the current status of the password management and the demands. The system was based on hybrid architecture and developed on Android platform, using JSP, HTML5, MySQL database and other technologies. It stored accounts and passwords centrally, providing clear password ownership, controling password safety and handling the password reset and backup which was tested well in the campus network environment. Administrators use the system to manage passwords conveniently by smartphones and web browsers. It was proved to improve the high efficiency of the password management, to ensure the safety of the network operations, and to have strong practical applicability. In the thesis, the background and significance of the study were given, the related technologies and development environment were simply described, the design and implementation of the system were discussed in detail, and the summary and outlook of this study is given at the end.
引文
[J]陈勇Web App (?)见状分析及展望[J].通信与信息技术,2012,42(04):77-78.
[2]崔丽娜,郭振斌,龚巧明.基于角色权限管理系统的设计实现[J].科技风,2008,21(11):56-58.
[3]丁丽萍Android操作系统的安全性分析[J].信息网络安全,2012,12(03):28-31.
[4]邓江华,胡志华,牛冀平.AES加密算法的研究与实现[J].微型电脑应用,2005,22(07):15-19.
[5]符易阳,周丹平Android安全制分析[J].信息网络安全,2011,11(09):23-25.
[6]凡里伟Android平台手机防盗系统的设计与实现[D].大连:大连理工大学,2012:
[7]冯志强.基于J2EE和HTTPS(?)通信技是术的专用汽车集成信息系统研究[D].河南:河南科技大学,2008:
[8]郭宏志Android应用开发说解[M].北京:电子工业出版社:,2011:54.
[9]贡知洲,路昭亮Android发展的分析与研究[J].价值工程,2013,32(02):185-186.
[10]公磊,周聪.基于Android的移动终端应用程序开发与研究[J].计算机与现代化,2008,24(08):85-89.
[11]何少岳,徐晓东,马祖苑,主动推送技术在移动协同教育中的应用[J].现代教育技术,2012,22(04):100-103.
[12]简朝阳MySQI性能调优与架构设计[M].北京:电子工业出版社,2009:23-24.
[13]贾旭.AES算法的安全性分析及其优化改进[D].吉林:吉林大学,2010:
[14]李凯Android操作系统分析与移植[D].广州:华南理工大学,2011:
[15]李刚.轻量级Java EE企业应用实战[M].北京:电子工业出版社,2011:15.
[16]彭艳,杨欧Android平台的数据存储技术[J].计算机系统应用,2012,22(05):192-194.
[17]彭洋华.智能信息推拉技术的数字图书馆主动信息服务手段研究[J]。情报资料工作,2005,26(06):84-86.
[18]彭国军,邵玉如.王泰格,基于Android的手机隐私保护技术及实现[J].信息网络安全,2012,12(041:54-57.
[19]沈涛.基于HTML5技术的产品演示系统设计与开发[D].北京:北京交通大学,2011:
[20]王劲松.单点登录在高校校园网系统集成中的应用[J].中国石油大学胜利学院学报,2012,15(03):24-26.
[21]王晨辉.基于Android平台校园信息发布系统[J].数字技术应用,2010,28(08):126.
[22]王志勤Web App还是Native App[J]商学院,2012,9(()5):16-17.
[23]王丽莉,王浩亮.基于Java的AES数据密器[J].电脑编程技巧与维护,2006,13(08):85-87.
[24]文德民.基于Cookie的跨域单点登录系统的设计与实现[D].北京.北京邮电大学,2010:
[25]武晶晶.跨平台的PhoneGap研究[J].信息发全技术,2012,3(12):71-72.
[26]武佳佳,王建忠,基于HTML5实现智能手机跨平台应用开发[J].软件导刊.2013,12((02):66-67.
[27]肖曦,南楠.基于HTTPS的统一通信系统发全设计[J].物联网技术,2011,1(05):67-68.
[28]肖智,杨文军.基于jQuery Mobile的移动高校信息公开系统的设计与开发[J].图书馆学研究,2012,33(23):47-50.
[29]谢梅源.信息系统通用用户发全管理设计与实现[J].中国科技信息,2009,21(03):108-109.
[30]叶进.密码安灰全管理任重道远[J].金融电子化,2009,17(02):74.
[31]余同海.智能手机在企业中的应用[J].硅谷.2011,10(07):149.
[32]杨朗.基于OFBiz与Android平台的进销存系统设计与实现[D].广州:华南理工大学,2012:
[33]伊鹏翔Dalvik虚拟机结构与性能的研究[D].吉林:吉林大学,2011:
[34]朱傲男,周坤.企业管理信息系统建设的密码安全策略[J].山东电力技术,2010,37(06):78-80.
[35]邹海,李强,邱慧丽.基于Android C2DM服务的云端推送研究与实现[J].计算机技术与发展,2012,22(07):29-32.
[36]张京,刘甫迎.基JAndroid云计算消息框架(C2DM)的FoxNews_MID手持移动系统的研究[J].计算机科学,2011,38(10):461-463.
[37]张朝辉.WEB编程中Cookie与Session的比较分析[J].科技信息,2006,23(04):44.
[38]甄建美.GPS车载定位监控系统的设计与实现[D].北京:北京邮电大学,2011:
[39]周峰.基于Android智能手机平台的GPS开发[D].苏州:苏州大学,2011:
[40]周毅敏,陈榕Dalvik虚拟机进程模型分析[J].计算机技术与发展,2010,20(02):82-86.
[41]A.Kumar. Sencha Touch cookbook[M]. UK:Packt Publishing,2011:234.
[42]A.Mahdian,H.Gu,S.Thokala. Location based routing using smartphones in an infrastructureless environment. Proceedings of the 27th Annual ACM Symposium on Applied Computing[C]. New York:ACM,2012:594-599.
[43]Butler,Margaret. Android:changing the mobile landscape[J]. Pervasive Computing,2011,10(01):4-7.
[44]Farrell,Stephen. Password policy purgatory[J]. Internet Computing,2008,12(05):84-87.
[45]G.Anthes. HTML5 leads a web revolution[J]. Communications of the ACM,2012,55(07):16-17.
[46]H.Banuri,M.Alam,S.khan. An Android runtime security policy enforcement framework[J]. Personal and Ubiquitous Computing,2012,16(06):631-641.
[47]Johnson,Rod. J2EE development frameworks[J]. Computer,2005,38(01):107-110.
[48]Jeong,Jongil. An XML-based single sign-on scheme supporting mobile and home network service environments[J]. Consumer Electronics,2004,50(04):1081-1086.
[49]J.White,C.Thompson,H.Turner. Automatic traffic accident detection and notification with smartphones[J]. Mobile Networks and Applications,2011,16(03):285-303.
[50]Ni,Qun. Privacy-aware role-based access control[J]. Security & Privacy IEEE,2009,7(04):35-43.
[51]Tracy,W.Kim. Mobile application development experiences on Apple's iOS and Android OS[J]. Potentials IEEE,2012,31(04):30-34.
[52]Taivalsaari,Antero. An HTML5 cloud phone platform for mobile devices[J]. Software IEEE,2012,29(04):40-45.
[53]Z.Medinieks,L.Dornin,G.Blake,M.Nakamura. Programing Android 2nd edition[M]. USA:O'Reilly Media,2012:78.
[2]崔丽娜,郭振斌,龚巧明.基于角色权限管理系统的设计实现[J].科技风,2008,21(11):56-58.
[3]丁丽萍Android操作系统的安全性分析[J].信息网络安全,2012,12(03):28-31.
[4]邓江华,胡志华,牛冀平.AES加密算法的研究与实现[J].微型电脑应用,2005,22(07):15-19.
[5]符易阳,周丹平Android安全制分析[J].信息网络安全,2011,11(09):23-25.
[6]凡里伟Android平台手机防盗系统的设计与实现[D].大连:大连理工大学,2012:
[7]冯志强.基于J2EE和HTTPS(?)通信技是术的专用汽车集成信息系统研究[D].河南:河南科技大学,2008:
[8]郭宏志Android应用开发说解[M].北京:电子工业出版社:,2011:54.
[9]贡知洲,路昭亮Android发展的分析与研究[J].价值工程,2013,32(02):185-186.
[10]公磊,周聪.基于Android的移动终端应用程序开发与研究[J].计算机与现代化,2008,24(08):85-89.
[11]何少岳,徐晓东,马祖苑,主动推送技术在移动协同教育中的应用[J].现代教育技术,2012,22(04):100-103.
[12]简朝阳MySQI性能调优与架构设计[M].北京:电子工业出版社,2009:23-24.
[13]贾旭.AES算法的安全性分析及其优化改进[D].吉林:吉林大学,2010:
[14]李凯Android操作系统分析与移植[D].广州:华南理工大学,2011:
[15]李刚.轻量级Java EE企业应用实战[M].北京:电子工业出版社,2011:15.
[16]彭艳,杨欧Android平台的数据存储技术[J].计算机系统应用,2012,22(05):192-194.
[17]彭洋华.智能信息推拉技术的数字图书馆主动信息服务手段研究[J]。情报资料工作,2005,26(06):84-86.
[18]彭国军,邵玉如.王泰格,基于Android的手机隐私保护技术及实现[J].信息网络安全,2012,12(041:54-57.
[19]沈涛.基于HTML5技术的产品演示系统设计与开发[D].北京:北京交通大学,2011:
[20]王劲松.单点登录在高校校园网系统集成中的应用[J].中国石油大学胜利学院学报,2012,15(03):24-26.
[21]王晨辉.基于Android平台校园信息发布系统[J].数字技术应用,2010,28(08):126.
[22]王志勤Web App还是Native App[J]商学院,2012,9(()5):16-17.
[23]王丽莉,王浩亮.基于Java的AES数据密器[J].电脑编程技巧与维护,2006,13(08):85-87.
[24]文德民.基于Cookie的跨域单点登录系统的设计与实现[D].北京.北京邮电大学,2010:
[25]武晶晶.跨平台的PhoneGap研究[J].信息发全技术,2012,3(12):71-72.
[26]武佳佳,王建忠,基于HTML5实现智能手机跨平台应用开发[J].软件导刊.2013,12((02):66-67.
[27]肖曦,南楠.基于HTTPS的统一通信系统发全设计[J].物联网技术,2011,1(05):67-68.
[28]肖智,杨文军.基于jQuery Mobile的移动高校信息公开系统的设计与开发[J].图书馆学研究,2012,33(23):47-50.
[29]谢梅源.信息系统通用用户发全管理设计与实现[J].中国科技信息,2009,21(03):108-109.
[30]叶进.密码安灰全管理任重道远[J].金融电子化,2009,17(02):74.
[31]余同海.智能手机在企业中的应用[J].硅谷.2011,10(07):149.
[32]杨朗.基于OFBiz与Android平台的进销存系统设计与实现[D].广州:华南理工大学,2012:
[33]伊鹏翔Dalvik虚拟机结构与性能的研究[D].吉林:吉林大学,2011:
[34]朱傲男,周坤.企业管理信息系统建设的密码安全策略[J].山东电力技术,2010,37(06):78-80.
[35]邹海,李强,邱慧丽.基于Android C2DM服务的云端推送研究与实现[J].计算机技术与发展,2012,22(07):29-32.
[36]张京,刘甫迎.基JAndroid云计算消息框架(C2DM)的FoxNews_MID手持移动系统的研究[J].计算机科学,2011,38(10):461-463.
[37]张朝辉.WEB编程中Cookie与Session的比较分析[J].科技信息,2006,23(04):44.
[38]甄建美.GPS车载定位监控系统的设计与实现[D].北京:北京邮电大学,2011:
[39]周峰.基于Android智能手机平台的GPS开发[D].苏州:苏州大学,2011:
[40]周毅敏,陈榕Dalvik虚拟机进程模型分析[J].计算机技术与发展,2010,20(02):82-86.
[41]A.Kumar. Sencha Touch cookbook[M]. UK:Packt Publishing,2011:234.
[42]A.Mahdian,H.Gu,S.Thokala. Location based routing using smartphones in an infrastructureless environment. Proceedings of the 27th Annual ACM Symposium on Applied Computing[C]. New York:ACM,2012:594-599.
[43]Butler,Margaret. Android:changing the mobile landscape[J]. Pervasive Computing,2011,10(01):4-7.
[44]Farrell,Stephen. Password policy purgatory[J]. Internet Computing,2008,12(05):84-87.
[45]G.Anthes. HTML5 leads a web revolution[J]. Communications of the ACM,2012,55(07):16-17.
[46]H.Banuri,M.Alam,S.khan. An Android runtime security policy enforcement framework[J]. Personal and Ubiquitous Computing,2012,16(06):631-641.
[47]Johnson,Rod. J2EE development frameworks[J]. Computer,2005,38(01):107-110.
[48]Jeong,Jongil. An XML-based single sign-on scheme supporting mobile and home network service environments[J]. Consumer Electronics,2004,50(04):1081-1086.
[49]J.White,C.Thompson,H.Turner. Automatic traffic accident detection and notification with smartphones[J]. Mobile Networks and Applications,2011,16(03):285-303.
[50]Ni,Qun. Privacy-aware role-based access control[J]. Security & Privacy IEEE,2009,7(04):35-43.
[51]Tracy,W.Kim. Mobile application development experiences on Apple's iOS and Android OS[J]. Potentials IEEE,2012,31(04):30-34.
[52]Taivalsaari,Antero. An HTML5 cloud phone platform for mobile devices[J]. Software IEEE,2012,29(04):40-45.
[53]Z.Medinieks,L.Dornin,G.Blake,M.Nakamura. Programing Android 2nd edition[M]. USA:O'Reilly Media,2012:78.