一种新型网络文件系统的安全防护体系的研究

发布时间：2018-11-06 10:04

【摘要】：随着互联网的普及,计算机更新换代速度的加快,计算机与人们的生活联系越来越紧密。现代社会计算机带给人们很多的便利,如让人们更快捷的通过网络文件共享系统获取所需要的各种文件。作为网络文件共享系统的管理者,如何高效,安全,方便的利用现有的技术为用户提供安全的网络文件共享,防御黑客对网络文件系统的攻击将是本文研究的问题。论文深入研究如何利用ASP技术高效,安全,方便的解决网络文件共享系统的基础上,设计并实现了一种新型的网络文件系统的安全防护体系。论文系统基于B/S架构,涉及ASP技术,权限认证,网络入侵技术,无组件上传,防盗链接等相关技术,满足不同权限用户通过不同终端的浏览器进入系统获取所需文件。论文实验系统以Windows XP为开发环境,以IIS为服务器,ASP为开发语言,Access2003为数据库组成的一个网络文件共享体系。系统前后界面用ASP设计,开发界面简单整洁,具有很好的人机交互性。系统文件共享基于HTTP协议,安全措施包括,用户认证、加密核心信息,防SQL注入措施,无组件上传,防盗链接设计,防数据库下载,应用硬盘保护网络文件系统等。整个系统立足于成熟的Web环境,高效,安全,方便的满足用户的使用需求,具有很高的研究价值。论文重点对系统的安全防护体系进行研究。安全措施包括权限的认证与管理,加密用户信息,常见入侵漏洞的改进,无组件上传的设计,防盗链接设计,利用硬盘保护网络文件等。论文实验了多种入侵攻击测试,获取了大量的系统攻防数据,分析了系统防御入侵攻击的不足之处,提出了系统安全性能的改进措施,并对下一步的工作进行了展望。
[Abstract]:With the popularity of the Internet and the speed of computer replacement, computers are more and more closely connected with people's lives. In modern society, computers bring people a lot of convenience, such as making people get all kinds of files through the network file sharing system more quickly. As the administrator of the network file sharing system, how to efficiently, safely and conveniently make use of the existing technology to provide the users with secure network file sharing, and to defend the hacker from attacking the network file system will be the problem of this paper. Based on the research of how to use ASP technology to solve the problem of network file sharing system efficiently, safely and conveniently, a new security protection system of network file system is designed and implemented in this paper. The system is based on the B / S architecture, including ASP technology, authority authentication, network intrusion technology, componentless upload, anti-theft link and other related technologies, to meet the different permissions of users to enter the system through different terminal browsers to obtain the required files. This paper uses Windows XP as the development environment, IIS as the server, ASP as the development language and Access2003 as the database. The interface of the system is designed by ASP, the interface is simple and clean, and has good man-machine interaction. System file sharing is based on HTTP protocol. Security measures include user authentication, encryption of core information, anti-SQL injection measures, componentless upload, anti-theft link design, anti-database download, application of hard disk to protect network file system. The whole system is based on the mature Web environment, which is efficient, safe and convenient to meet the user's needs. It has high research value. This paper focuses on the study of the system's safety protection system. Security measures include authentication and management of authority, encryption of user information, improvement of common intrusion vulnerabilities, design of uploading without components, design of anti-theft link, protection of network files by hard disk, etc. In this paper, many intrusion attack tests are experimented, a large number of system attack and defense data are obtained, the shortcomings of system defense against intrusion attack are analyzed, the improvement measures of system security performance are put forward, and the future work is prospected.
【学位授予单位】：湖北大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】