随着办公信息化建设的不断推进,OA系统已广泛应用于部队机关及各下属单位,在提高人员工作效率的同时,其自身的安全性也日益引起高度关注。文章针对现有OA系统的典型工作流程,分析其中存在的脆弱点,在此基础上,设计并实现了一个OA应用安全增强系统。该系统对上层应用透明,能在不影响应用系统运行效率的前提下,在操作系统内核层,实现用户身份认证及强制访问控制,极大地提高了应用系统的安全性。%With the fast development of information construction in the army,more and more units have been using OA system.OA can improve the work efficiency while it also has some security problem.This paper describes a typical workflow of OA and analyzes the vulnerabilities in it,and then implements a security-enhanced system on OA application.The security-enhanced system is transparent to the application and does not affect the efficiency of it.Utilizing identity authentication and MAC in the OS kernel,the security-enhanced system can guarantee the security of application fundamentally.
展开▼
