【作者】 范力；

【导师】 孙林夫；

【作者基本信息】 西南交通大学 ， 计算机软件与理论， 2006， 硕士

【摘要】 协同商务平台是一个大型复杂的集成应用系统,它以Internet为媒介,通过浏览器与分布在不同地域的用户及企业进行交互,并借助Web服务技术,实现了协同商务平台与其他应用系统的数据交换。但是,如何保证用户信息的安全,如何保证信息在网络上传输的安全,如何保证Web服务调用的安全,如何开发出健壮的代码不给黑客留任何漏洞等一系列问题都是系统开发和部署的时候应该考虑的问题。 本文根据协同商务平台的物理结构和逻辑结构,深入分析了平台数据交换系统存在的安全隐患和安全威胁,结合WS-Security规范、数字签名、数据加密,时间戳等安全技术,从开发者的角度提出了针对协同商务平台的安全模型,并给出了该安全模型的总体设计和实现。本论文的组织结构为: 第1章作为论文的绪论,介绍了协同商务平台与数据交换的基本概念,分析了研究平台数据交换安全问题的重要意义,介绍了论文的选题和主要工作 第2章给出了协同商务平台的总体需求分析,总体模式以及平台数据交换的需求分析,分析了协同商务平台数据交换存在的各种安全隐患,提出了数据交换系统应该实现的安全目标。 第3章分析并比较了各种数据交换的安全技术,结合平台自身的特点为协同商务平台数据交换系统建立了一个方便、实用、高效、可行的安全模型。 第4章主要介绍了基于该安全模型的协同商务平台数据交换系统的设计。 第5章介绍协同商务平台安全数据交换系统的实现,安全结果分析和异常分析。 最后的结束语对本文的研究内容和结论进行了总结,并展望了本文核心技术的应用前景和进一步的研究工作。更多还原

【Abstract】 The Collaborative Commerce Platform is a large and complex integrated application system. It uses Internet as its media, enables interaction of customers from different regions through browser, and especially relies on the Web Services technology, which realizes data exchange between Collaborative Commerce Platform and other application system. However, how to guarantee the security of customer information, how to guarantee the security of information transfer in Internet, how to guarantee the security of Web Services invocation and how to develop robust code to prevent any backdoor from hackers, etc.. The abovementioned problems should be considered during the development and deployment of the system.Based on the physical structure and logical structure of Collaborative Commerce Platform, the potential danger and security threat of data exchange system of the platform are analyzed thoroughly, combined with the security technologies like WS-Security Specification, digital signature, data encryption and time stamp, a security model of Collaborative Commerce Platform is put forward from the developer’s view, and the overall design and realization of the security model is given. The structure of the paper is as follows:Chapter 1 is the prolegomenon, conceptions of Collaborative Commerce Platform and data exchange are introduced, significance of research on data exchange security of platform is analyzed, and choice of the thesis subject and main work of the thesis are introduced.In Chapter 2, the overall requirements analysis, overall mode of Collaborative Commerce Platform and requirements analysis of platform data exchange are pointed out, the potential danger of the security of Collaborative Commerce Platform is analyzed, and the security goal of data exchange system is put forward.In Chapter 3, various security technologies of data exchange are analyzed and compared. Based on intrinsic characteristics of platform, a convenient, practical, efficient and feasible security model is established for data exchange system ofCollaborative Commerce Platform.In Chapter 4, the design of the data exchange system of Collaborative Commerce Platform based on the security model is discussed.In Chapter 5, the realization of secure data exchange system of Collaborative Commerce Platform, the secure result analysis and exception analysis are described.Finally, in conclusion section, the research content and conclusion are summarized, and core technologies, application prospect as well as the further research work are looked forward.更多还原