User level administration is appropriate in some situations to tightening security. 在某些情况下,适于使用用户级别管理来收紧安全性。
As a result the resources that a user can access are limited at Web page level and the security issue considered in development phase is moved to deployment. 把用户能访问到的资源控制到了页面级,避免了用户通过浏览器的地址栏进行越权访问。将开发阶段需要考虑的安全问题转移到部署阶段,实现了应用逻辑与安全逻辑的彻底分离。
Through unified authentication authentication and accounting based on the USIM card to solve the traditional WLAN systems require the user to enter a user name and password, the system also has a higher level of security. 通过基于USIM卡的统一鉴权认证计费解决原有WLAN系统中需要用户输入用户名、密码的问题,同时也使系统具备了更高的安全性。
Inference problem is that the user having a low security level figures out the secret information of high security level via data it can access and its own knowledge, leading to the attack to the data base, which can cause information flow disobeying security strategy. 推理问题是低安全级的用户利用他能够访问到的数据以及自身的知识,推断出高安全级的机密信息,从而构成对数据库的攻击,它会引起违反安全策略信息流动。
This system helps the user level of protection in the risk assessment and self-evaluation in the automation instead of manual testing, thereby reducing the number of personnel costs, effective assistance to the development of information security. 本系统帮助用户在风险评估与等级保护自评工作中自动化代替手工检测,从而降低大量的人力成本,有效地协助信息化安全的发展建设。
