
Study on E-Government Information Security Based on J2EE

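【Author】 卢钢 (Lu Gang)

【Supervisor】 肖来元 (Xiao Laiyuan)

【Author information】 Huazhong University of Science and Technology, Software Engineering, 2006, Master's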

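【Summary】 E-government is a systems engineering effort that makes government work standardized, service-oriented, information-based, networked and open. E-government involves state secrets and highly sensitive core government affairs, as well as the maintenance of public order and the accurate implementation of administrative supervision, so its security is especially important. The security goal of e-government is to enable the government's information infrastructure, information application services and information content to withstand all kinds of threats. Its security spans four levels (physical, network, system and application) and specifically includes several dozen items such as network isolation, encryption, security detection and monitoring, security auditing, antivirus protection, access control, identity authentication, data backup and recovery, and security management. Drawing on the e-government platform project for the Jiangsu Provincial Land Bureau (江苏省国土局) that I took part in during my internship at 深圳壹平台有限公司, the thesis studies the information security of e-government platforms. It concentrates on the application layer of the government platform's information system and, using J2EE technology, studies the confidentiality, integrity, authenticity, availability and controllability of information in e-government systems. Specifically, identity authentication, access control, a permission management platform, log auditing, data encryption and digital signatures are studied and implemented to some degree. The user authentication module adds one-time password authentication to traditional form-based authentication and, when storing passwords, stores the message digest of the user's password instead of the password itself, so as to resist attacks and preserve confidentiality. The user permission management platform introduces the concept of "roles", applies the MVC pattern and, combined with the system's functional modules, achieves unified management and fine-grained access control. Log auditing is implemented with JSP filter technology, so that log management is integrated with the system itself. Encryption and decryption of Chinese and English data is completed using the encryption technology provided by JCE. Finally, electronic seals and handwritten signatures are adopted to ensure identity authentication.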

【Abstract】 E-government is a systems engineering effort that makes governmental work standardized, service-oriented, information-based, networked and open. Most of the problems involved relate to national secrets and sensitive core governmental affairs, and to the maintenance of public order and the exact implementation of administrative supervision, so e-government security is especially important. The purpose of e-government security is to enable the basic infrastructure of governmental affairs, information application services and information content to withstand all threats. Security spans four layers: the physical layer, the network layer, the system layer and the application layer, and includes many items such as network isolation, encryption, security detection and monitoring, security audit, virus protection, access control, identity authentication, data backup and recovery, and security management. Starting with the application layer of the security system, this thesis, based on J2EE, studies the confidentiality, integrity, authenticity, availability and controllability of information in e-government. User authentication, access control, authority management, log audit, data encryption and digital signature are studied and implemented to some extent. The user authentication module adds one-time password authentication to traditional form-based authentication, and replaces the stored password with a stored digest of the user password to guard against attacks and keep it secret. The user authority management module applies the MVC pattern and adopts the business modules of the application system and the operation codes assigned to them, so it can accomplish unified management and fine-grained access control. The author has completed encryption and decryption of Chinese and English data using technology provided by JCE, and has finished the application of digital signatures.

  • 【Classification number】 TP309
  • 【Download count】 201