springboot network security platform design graduation project - with source code 042335

Springboot network security assessment platform design

Summary

With the advent of the Internet trend, all walks of life are considering using the Internet to promote themselves. The best way is to establish their own Internet system and maintain and manage it. In actual application, the working rules and development steps of the application software are designed using Java technology to build a network security assessment platform.

This design mainly realizes the design of a network security assessment platform integrating the advantages of humanization, high efficiency, and convenience, and completes functional modules such as user management, assessment classification, assessment items, unit management, and assessment results. The system communicates with the server through the browser to realize data interaction and change. Just use a computer and move your fingers to operate the system and realize data communication management. The design process of the whole system has fully considered the security, stability and reliability of data, and the operation process is simple. The system improves work efficiency and reduces errors and omissions in data storage through scientific management methods and convenient services.

The network security assessment platform is designed using the Java language, developed using JavaEE technology based on the MVC model, and written using the MyEclipse 2017 CI 10 compiler. For data, Microsoft's MySQL relational database is mainly used as the storage medium, and front-end HTML + CSS technology completes the development of the system.

Key words: network security assessment platform design; Spring boot framework;

Design of springboot network security assessment platform

Abstract

With the advent of the Internet trend, all walks of life are considering using the Internet to promote themselves. The best way is to establish their own Internet system and maintain and manage it. In practical application, according to the working rules and development steps of application software, Java technology is used to build the design of network security assessment platform.

This design mainly realizes the design of network security assessment platform integrating the advantages of humanization, high efficiency and convenience, and completes the functional modules such as user management, assessment classification, assessment items, unit management and assessment results. The system communicates with the server through the browser to realize the interaction and change of data. You can operate the system and realize data communication management by moving your fingers through a computer. The safety, stability and reliability of data are fully considered in the design process of the whole system, and the operation process is simple. Through scientific management and convenient service, the system improves work efficiency and reduces errors and omissions in data storage.

The network security assessment platform is designed in Java language, developed with Java EE technology based on MVC mode and written with MyEclipse 2017 CI 10 compiler. In terms of data, Microsoft's MySQL relational database is mainly used as the data storage medium, and the system development is completed with the foreground HTML + CSS technology.

Key words: Design of network security assessment platform; Spring boot framework;

Table of contents

Chapter 1 Introduction

1.1  Research background and significance

1.2 Research Status 

1.3  The structure of the thesis

Chapter 2 Introduction of Development Tools and Related Technologies

2.1 Development Technology 

2.2 B/S structure 

2.3 Spring Boot framework

2.4 Mysql database

2.5 Vue.js language features 

Chapter 3 System Analysis

3.1  Feasibility analysis

3.1.1  Economic feasibility

3.1.2  Technical Feasibility

3.1.3  Operation Feasibility

3.2  Performance Analysis  

3.3  System operation process

3.3.1 User login process

3.3.2 Information adding process

3.3.3 Information deletion process

Chapter 4 System Design

4.1 System architecture design

4.2 Development process design

4.3 Database Design

4.3.1 Entity ER Diagram

4.3.2 Data Table

Chapter 5 System Implementation

5.1 Implementation of the database access layer

5.2 Realization of login module

5.3 Realization of user data modification module

5.4 Security officer management module

5.5 Realization of assessment classification management module

5.6 Realization of assessment project management module

5.7 Realization of unit management module

5.8 Realization of assessment result management module

Chapter 6 System Testing

6.1 Test purpose

6.2 Test scheme design

6.2.1 Testing strategy

6.2.2 Test Analysis

6.3 Test results

Chapter 7 Summary and Outlook

References

Thanks

Chapter 1 Introduction

1.1 Research background and significance

With the rapid development of networks, the requirements for grasping network operation status quickly, efficiently and accurately, and for maintaining security and stability, are getting higher and higher. Traditional network security management methods can no longer meet people's needs, and a network management system implemented with advanced computer software and hardware technology can solve this problem well: it can track system operation status and also detect and solve problems in a timely manner. By analyzing the development status and trends of network management systems at home and abroad and the shortcomings in the construction of network security assessment platforms, this paper proposes a design scheme for a network security assessment platform based on the B/S mode. The scheme uses Java technology to develop a network security assessment platform that can monitor and record various security events in real time and perform data collection, storage, query and other operations. At the same time, a database system with good performance, good scalability and easy deployment is built on the MySQL database, providing administrators with a convenient and effective means of data entry and improving work efficiency. Finally, the assessment platform was successfully applied to actual projects.

1.2 Research status

The shortcomings of the traditional network information security assessment method are analyzed, and a network security assessment platform based on cloud computing and big data technology is proposed. The assessment platform adopts the B/S architecture model, uses big data analysis technology to detect and locate network attack behaviors; uses data mining technology to mine valuable information from a large number of logs to improve the management efficiency of the security management department. On this basis, combined with the network security level protection standards and relevant laws and regulations, establish a network security evaluation index system and give the weight value of each index. Finally, the system function modules are determined according to user needs, and a network security assessment platform suitable for network security organizations at all levels is developed to meet the actual work needs of personnel at different levels and improve the comprehensive quality and management level of network security managers.

The main content of this article is as follows:

(1) The background significance of the network security assessment platform and its development status at home and abroad are expounded, the research purpose, task and significance of the network security assessment platform are introduced, and the construction goals, principles and overall framework of the network security assessment platform are clarified. 

(2) Aiming at the problem of the single function of the existing network security assessment platform, a design scheme of the network security assessment platform based on cloud computing technology is proposed, and the overall structure of the system, module composition, key technologies and database design are discussed in detail.

(3) In order to ensure the safe operation of the system, conduct in-depth research on the system security risk assessment system. First, formulate a security risk assessment model based on the network security risk assessment criteria, and then use the AHP method to calculate the contribution of each influencing factor to the probability of occurrence of security incidents in the entire system, so as to obtain the ranking results of the importance of each influencing factor, and finally form a complete system security risk assessment program.

(4) In order to verify the feasibility of the proposed network security assessment platform, set up a test scenario for functional testing. The test results show that this assessment platform can accurately monitor the attacker's intrusion behavior, and has high accuracy and reliability. At the same time, it can effectively reduce the incidence of network security accidents and protect the safety of corporate property and employees. To sum up, the network security assessment platform based on cloud computing and big data analysis system proposed in this paper is a new network security assessment method, which can not only monitor network attacks in real time, but also automatically generate corresponding security assessment reports. Its application will greatly improve the efficiency of network security management and promote the continuous improvement of network security level. Therefore, the research results of this paper are of great significance to promote the informationization process in the field of network security in our country. At present, this assessment platform has been used by many provincial cyber security offices, and practice has proved that it works well and is worthy of further promotion.

1.3 Thesis structure

Based on the information and data obtained from market research, combined with frontier research at home and abroad and relevant system development and design methods, the network security assessment platform was designed.

There are seven chapters in this paper, as follows.

The first chapter outlines the research purpose and significance of the design of the network security assessment platform; it summarizes the domestic and foreign research situation and future research trends concisely, and finally gives the composition structure of the thesis.

The second chapter gives a brief overview of the development techniques and tools used in this paper.

The third chapter briefly analyzes the needs and feasibility of each business process of the system.

The fourth chapter designs the network security assessment platform design.

The fifth chapter implements the design of the network security assessment platform, and posts screenshots of relevant pages, and describes the operation method of specific function realization in language.

The sixth chapter uses test cases to test some main functional modules for the design of the network security assessment platform, and finally obtains the test results.

Chapter 7 summarizes the full text and makes an outlook on future research.

Chapter 2 Introduction to development tools and related technologies

2.1 Development technology

The front end of this system uses the popular progressive JavaScript framework Vue.js. Vue-Router and Vuex provide dynamic routing and global state management, Ajax handles communication between the front end and the back end, and the Element UI component library lets pages be built quickly. The back end uses springboot as the development framework and integrates MyBatis, Redis and other related technologies.

2.2 B/S structure

The B/S (browser/server) structure is the current mainstream network structure model. It can concentrate the core functions of the system on the server, and can help system developers simplify operations and facilitate maintenance and use. Users only need to install 360 browser, Google browser, QQ browser and other popular browsers on the client, and install databases such as sqlserver and mysql database in the computer. The installed browser interacts with the server-side database for information and data. Many things that special software can do can also be realized by using the B/S structure mode, which can combine technologies such as Web browser technology, ActiveX technology and various scripting languages. Help program developers save a lot of development costs. At present, the B/S structure has become the mainstream structure of program development. Its best feature is that it has no location restrictions and does not need to install special software. Laptops or computers can access the system with Internet access. The system uses B/S for development, which will save trouble in the later system maintenance. You don’t need to operate on the server for all problems. Simple client processing can solve some problems. The developed program will also enhance the interaction with users. The browser can be refreshed in real time to update the local data information of the program.

 

Figure 1-1 B/S mode three-layer structure diagram

2.3 Spring Boot framework

The Spring Framework is an open source application framework on the Java platform that provides a container with inversion of control features. Although the Spring framework itself places no restrictions on the programming model, its frequent use in Java applications made it so popular that it was later used as a supplement to, or even a substitute for, the EJB (Enterprise JavaBeans) model. The Spring framework provides a series of solutions for development: it uses inversion of control as a core feature, implemented through dependency injection, to let a container manage object life cycles; it uses aspect-oriented programming for declarative transaction management; it integrates a variety of persistence technologies to manage data access; and it provides a large number of excellent web frameworks to facilitate development. Inversion of control (IoC) is designed to make projects easier to maintain and test. It provides a way to configure and manage Java objects uniformly through the Java reflection mechanism. The container can configure objects by scanning XML files or specific Java annotations on classes, and developers can obtain objects through dependency lookup or dependency injection. The Spring framework also has an aspect-oriented programming (AOP) framework. Spring AOP is based on the proxy pattern and is configurable at runtime; it mainly modularizes cross-cutting concerns between modules. Spring AOP provides only basic AOP features. Although it cannot be compared with the AspectJ framework, it can meet basic needs through integration with AspectJ. Functions such as transaction management and remote access under the Spring framework can be realized with Spring AOP.

Spring's transaction management framework brings an abstraction mechanism to the Java platform that enables local and global transactions, as well as nested transactions, to work with savepoints and in almost any environment on the Java platform.

2.4 MySQL database

Databases are an integral part of the system development process. For web applications, MySQL AB developed MySQL, a relational database management system with great advantages. MySQL stores data in separate tables, which is very flexible and can also improve the speed of the system in practical applications. The standard SQL language is the most common way to access a database, and MySQL uses SQL, so it is highly compatible. Database operations are essential, including adding, deleting, modifying and querying database tables. Databases today can be divided into relational and non-relational databases, and MySQL is a relational database. It is a small relational database with its own characteristics: small size, fast speed, low cost, and so on. MySQL is by far the most popular open source database.

In web application technology, MySQL supports different operating system platforms. Installation and configuration differ between platforms, but the differences are not large. There are two ways to install MySQL on Windows: the binary version and the installation-free version. After installing MySQL, the service process must be started before a client can connect to the database; the client can log in through the command line or a graphical tool.

2.5 Vue.js language features

Ease of use: Based on HTML, CSS, and JavaScript, you can get started quickly. The Vue.js API draws on AngularJS, KnockoutJS, Ractive.js, and Rivets.js; it is not merely borrowed from those frameworks, and also contains many features unique to Vue.js.

Flexible: Simple and compact core, progressive technology stack, enough to handle applications of any scale.

Performance: 20kb min+gzip running size, ultra-fast virtual DOM, the most worry-free optimization.

Chapter 3 System analysis

3.1 Feasibility analysis

The feasibility analysis of this system will be carried out from the perspectives of economy, technology and operation.

3.1.1 Economic feasibility

The entire system has rigorous steps from design to development and testing. All work tasks are completed by myself without external technical support, which saves all service costs and labor costs. In terms of hardware, a second-hand mobile phone is used to save costs. The workstation is used as the project deployment server and database server, and the cost is less than 10,000 yuan. The actual network deployment is also completed by myself without other labor costs involved. The entire development process is based on the principle of low cost and low consumption.

3.1.2 Technical feasibility

The purpose of the technical feasibility analysis is to confirm whether the system can be implemented with existing technologies, and to evaluate development efficiency and completeness. Technical feasibility refers to whether computer software and hardware can meet the requirements of development under current technical conditions. Because the system is developed on springboot, the software and hardware conditions required can be met on an ordinary computer. Because the MySQL database takes up relatively little memory, there is theoretically no problem in developing and designing the software with it. The above techniques can effectively guarantee the successful and efficient development of the system.

3.1.3 Operational feasibility

The user interface of the network security assessment platform is simple and easy to operate. It uses common interface windows for login, and operations are performed through a computer, so users who have ordinarily used computers can operate it. The system is developed with springboot technology. User-friendliness and completeness are prominent features of B/S structure development, which makes user operations more concise and convenient than other approaches. Ease of operation, ease of management and good interactivity are fully reflected in this system.

3.2 Performance Analysis

In terms of performance, the traditional management method relies on manual statistics and management of data with paper and pen, which makes storing and finding particular data troublesome. With the advent of computer networks, this traditional method struggles to adapt to the development of today's society. It not only reduces people's work efficiency, but also requires a lot of manpower and material resources, and is relatively costly in time and money. To reduce costs and improve user efficiency, a network security assessment platform based on computer and network technology is developed.

The network security assessment platform is developed and designed as an independent system that uses a popular database for data storage. It mainly implements the user roles and corresponding functional modules of the platform, so that management does not suffer from inconsistency and low efficiency, the opposite of traditional information management. The platform saves resources and improves the processing speed of business, offering fast speed, high efficiency and powerful functions.

3.3 System operation process

3.3.1 User login process

The first hurdle for system security is login: users who want to enter the system must enter their login information in the login window. Only when the information entered is accurate can they enter the system's operation interface and use the function modules. If the information entered is incorrect, a prompt box appears in the window, the login fails, and the user returns to the first step to re-enter it, as shown in Figure 3-1.

Figure 3-1 Login operation flowchart

 

3.3.2 Information adding process

For the design of the network security assessment platform, it is necessary to add the required data information at any time. For the user to add information, it is necessary to fill in the data information to be added according to the content of the check box on the adding interface. After the information input is completed, it is judged whether the data information meets the requirements. If the requirements are met, the addition is completed. If the information added by the user does not meet the requirements, you need to return to the first step, re-enter the data information, and then perform the judgment operation, as shown in Figure 3-2.

                                                      

 

Figure 3-2 Information adding flow chart

3.3.3 Information deletion process

Whichever user role enters the system operation interface, it can perform the information operations available to that role. When system data is deleted, the deleted data cannot be restored. Therefore, when deleting data, the user must confirm that the content selected is really meant to be deleted, and only then confirm the deletion, as shown in Figure 3-3.

 

Figure 3-3 Information deletion flow chart     

Chapter 4 System design

4.1 System architecture design

The outline design of the network security assessment platform covers a specific analysis of the platform's main information content and the design of the database. Data is stored in the MySQL database, and the system adopts a more user-friendly operation design in which system error messages can be processed and fed back in a timely manner.

Based on the design of the network security assessment platform, the design is based on the existing mobile phone, which can realize the detailed understanding and statistical analysis of administrators: home page, user management, assessment classification, assessment items, unit management, assessment results, etc. The module relationship diagram established according to the system functional requirements is as follows:

                 Figure 4-1 Administrator function module diagram          

 

4.2 Development process design

Developing the network security assessment platform involves analyzing the management modules and the database the system uses. Writing code, planning and operation are the three necessary steps in building an information management application, and they determine whether the system can truly achieve its preset functions and whether it can be implemented after a successful design. During development, each stage must proceed strictly in linear sequence, and the work produced in each stage can be verified and checked technically. Each stage is confirmed correct on completion so that it does not cause delays in the next stage, which keeps the system sound once its designed functions are complete.

Judging from the successful development experience of network security assessment platform design, the above method has the most obvious effect, and reduces the complexity of system development to the greatest extent. As shown in Figure 4-2.

 

Figure 4-2 Flow chart of the development system

4.3 Database design

Database is the foundation and core of an information system. The quality of database design directly affects the success or failure of information system development. Creating database tables starts by determining the attributes of entities and the relationships between them; the data tables are then created based on those relationships.

4.3.1 Entity ER Diagram

The database is the most important step in the entire software programming. For the database problem, it is mainly to determine the number of databases and the creation of structural formulas. The display system uses Mysql to manage the database to ensure data security and stability.

Conceptual models are designed to abstract real-world information and model the information world. It is a powerful tool for database design. Database conceptual model design can describe the conceptual model of the real world through ER diagrams. An ER diagram of a system shows the links between entities in the system. Moreover, the Mysql database is a database with relatively strong self-protection capabilities. The following figure is mainly an ER diagram of database entities:

(1) The unit management ER diagram, as shown in Figure 4-3:

 

          Figure 4-3 Unit management entity attribute diagram

 (2) The ER diagram of security officer information is shown in Figure 4-4:

 

Figure 4-4 Security Officer Information Entity Diagram

(3) The ER diagram of the assessment result is shown in Figure 4-5:

 

Figure 4-5 Entity diagram of assessment results

These functions can fully meet the needs of network security assessment platform design. The function of this system is relatively comprehensive, as shown in Figure 4-6 below the system function structure.

                                                           

 

                                                                         Figure 4-6 System function structure diagram

4.3.2 Data Table

Based on a detailed analysis of the data structures and the volume of input and output data, we determine which tables are needed and how they relate to one another. The design can then be verified, adjusted and improved so that the database supports querying and browsing and meets users' data and functional requirements.

Based on the characteristics of the database management system used by the system, the conceptual model of the database is converted and constructed. However, this system only needs to fully consider the functions designed by the network security assessment platform, and the organization is relatively clear.

unit_management table:

| name | type | length | not null | primary key | note |
|---|---|---|---|---|---|
| unit_management_id | int | 11 | yes | yes | Unit Management ID |
| unit_name | varchar | 64 | yes | no | company name |
| safety_officer | int | 11 | no | no | security officer |
| safety_director | int | 11 | no | no | security officer |
| recommend | int | 11 | yes | no | Intelligent Recommendation |
| create_time | datetime | 0 | yes | no | creation time |
| update_time | timestamp | 0 | yes | no | update time |

safety_officer table:

| name | type | length | not null | primary key | note |
|---|---|---|---|---|---|
| safety_officer_id | int | 11 | yes | yes | security officer ID |
| gender | varchar | 64 | no | no | gender |
| job_number | varchar | 64 | yes | no | Job number |
| examine_state | varchar | 16 | yes | no | Approval Status |
| recommend | int | 11 | yes | no | Intelligent Recommendation |
| user_id | int | 11 | yes | no | User ID |
| create_time | datetime | 0 | yes | no | creation time |
| update_time | timestamp | 0 | yes | no | update time |

safety_director table:

| name | type | length | not null | primary key | note |
|---|---|---|---|---|---|
| safety_director_id | int | 11 | yes | yes | Security Officer ID |
| gender | varchar | 64 | no | no | gender |
| job_number | varchar | 64 | yes | no | Job number |
| examine_state | varchar | 16 | yes | no | Approval Status |
| recommend | int | 11 | yes | no | Intelligent Recommendation |
| user_id | int | 11 | yes | no | User ID |
| create_time | datetime | 0 | yes | no | creation time |
| update_time | timestamp | 0 | yes | no | update time |

assessment_results table:

| name | type | length | not null | primary key | note |
|---|---|---|---|---|---|
| assessment_results_id | int | 11 | yes | yes | Assessment result ID |
| unit_name | varchar | 64 | no | no | company name |
| assessment_type | varchar | 64 | no | no | assessment type |
| assessment_index | varchar | 64 | no | no | Assessment indicators |
| audit_description | varchar | 64 | no | no | Review instructions |
| remarks | varchar | 64 | no | no | instruction manual |
| enclosure | varchar | 255 | no | no | appendix |
| safety_officer | int | 11 | no | no | security officer |
| safety_director | int | 11 | no | no | security officer |
| item_sub | int | 11 | no | no | Item points |
| minus_score | int | 11 | no | no | minus points |
| total_score | varchar | 64 | no | no | Total Score |
| scoring_rules | text | 0 | no | no | Judging rules |
| score_deduction_index | text | 0 | no | no | Deduction indicator |
| recommend | int | 11 | yes | no | Intelligent Recommendation |
| create_time | datetime | 0 | yes | no | creation time |
| update_time | timestamp | 0 | yes | no | update time |

assessment_items table:

| name | type | length | not null | primary key | note |
|---|---|---|---|---|---|
| assessment_items_id | int | 11 | yes | yes | Assessment project ID |
| assessment_type | varchar | 64 | no | no | assessment type |
| assessment_index | varchar | 64 | no | no | Assessment indicators |
| start_time | datetime | 0 | no | no | Starting time |
| end_time | datetime | 0 | no | no | End Time |
| assessment_requirements | varchar | 64 | no | no | assessment requirements |
| enclosure | varchar | 255 | no | no | appendix |
| safety_officer | int | 11 | no | no | security officer |
| safety_director | int | 11 | no | no | security officer |
| reviewed_by_responsible_person | varchar | 64 | no | no | Person in charge review |
| assessment_content | text | 0 | no | no | Examination content |
| scoring_rules | text | 0 | no | no | Judging rules |
| remarks | text | 0 | no | no | instruction manual |
| recommend | int | 11 | yes | no | Intelligent Recommendation |
| create_time | datetime | 0 | yes | no | creation time |
| update_time | timestamp | 0 | yes | no | update time |

assessment_classification table:

| name | type | length | not null | primary key | note |
|---|---|---|---|---|---|
| assessment_classification_id | int | 11 | yes | yes | Assessment Category ID |
| assessment_type | varchar | 64 | no | no | assessment type |
| recommend | int | 11 | yes | no | Intelligent Recommendation |
| create_time | datetime | 0 | yes | no | creation time |
| update_time | timestamp | 0 | yes | no | update time |

Chapter 5 System implementation

5.1 Implementation of the database access layer

The system connects to MySQL through JDBC. A new jdbc.properties file holds the driver and parameters required to connect to the database.

    jdbc.driverClass=com.mysql.jdbc.Driver
    jdbc.url=jdbc:mysql://localhost:3306/tsi
    jdbc.username=root
    jdbc.password=123

第一个参数代表MySQL数据库的驱动,第二个参数代表要连接的数据库,第三个和第四个参数代表数据库连接名和密码。

后台与数据库访问主要是通过HQL语句来进行查询的,查询语句中的表名是表格的实体类名,在这种查询语句中*是不允许使用的,除非适合聚合函数一起使用才可以。

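    1. Implementation of the login module

The module has two parts: the login page shown before login and the user function page shown after login. The login page asks the user for a user name and password; if either is empty, it shows the prompt "user name and password cannot be empty". The user name and password are then looked up in the database: if the user name exists and the corresponding password is correct, login succeeds, otherwise it fails. On failure a prompt is shown and focus stays in the text box. On success the session's global variable username is set to the user name, and the user enters the member function module, which mainly offers editing of the member's basic information, management of published exam information, publishing information, and logout. Logout clears the global variable username and returns to the home page.

The login flowchart is shown in the figure below.

Figure 5-1 Login flowchart

The user login page is shown in the figure below.

Figure 5-1 Login page

The main login code is as follows.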

    /**
     * Login
     * @param data
     * @param httpServletRequest
     * @return
     */
    @PostMapping("login")
    public Map<String, Object> login(@RequestBody Map<String, String> data, HttpServletRequest httpServletRequest) {
        log.info("[执行登录接口]");
        String username = data.get("username");
        String email = data.get("email");
        String phone = data.get("phone");
        String password = data.get("password");
        List resultList = null;
        Map<String, String> map = new HashMap<>();
        // Look the account up by username, then email, then phone, whichever is supplied first
        if (username != null && !"".equals(username)) {
            map.put("username", username);
            resultList = service.select(map, new HashMap<>()).getResultList();
        }
        else if (email != null && !"".equals(email)) {
            map.put("email", email);
            resultList = service.select(map, new HashMap<>()).getResultList();
        }
        else if (phone != null && !"".equals(phone)) {
            map.put("phone", phone);
            resultList = service.select(map, new HashMap<>()).getResultList();
        } else {
            return error(30000, "账号或密码不能为空");
        }
        if (resultList == null || password == null) {
            return error(30000, "账号或密码不能为空");
        }
        // Check whether this user exists
        if (resultList.size() <= 0) {
            return error(30000, "用户不存在");
        }
        User byUsername = (User) resultList.get(0);
        Map<String, String> groupMap = new HashMap<>();
        groupMap.put("name", byUsername.getUserGroup());
        List groupList = userGroupService.select(groupMap, new HashMap<>()).getResultList();
        if (groupList.size() < 1) {
            return error(30000, "用户组不存在");
        }
        UserGroup userGroup = (UserGroup) groupList.get(0);
        // Query the user's review status
        if (!StringUtils.isEmpty(userGroup.getSourceTable())) {
            // The table name and user id are taken from the rows loaded above and concatenated into the statement
            String sql = "select examine_state from " + userGroup.getSourceTable() + " WHERE user_id = " + byUsername.getUserId();
            String res = String.valueOf(service.runCountSql(sql).getSingleResult());
            if (res == null) {
                return error(30000, "用户不存在");
            }
            if (!res.equals("已通过")) {
                return error(30000, "该用户审核未通过");
            }
        }
        // Check the user's state
        if (byUsername.getState() != 1) {
            return error(30000, "用户非可用状态,不能登录");
        }
        String md5password = service.encryption(password);
        if (byUsername.getPassword().equals(md5password)) {
            // Store the token in the database
            AccessToken accessToken = new AccessToken();
            accessToken.setToken(UUID.randomUUID().toString().replaceAll("-", ""));
            accessToken.setUser_id(byUsername.getUserId());
            tokenService.save(accessToken);
            // Return the user information (the whole User object is serialized) together with the token
            JSONObject user = JSONObject.parseObject(JSONObject.toJSONString(byUsername));
            user.put("token", accessToken.getToken());
            JSONObject ret = new JSONObject();
            ret.put("obj", user);
            return success(ret);
        } else {
            return error(30000, "账号或密码不正确");
        }
    }

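    1. Implementation of the user profile modification module

After logging in or registering successfully, users can modify their basic information. The name of every input in the form on the modification page must match a field of the entity class. When the user submits the modification page, if the new user name duplicates one already in the database, the page reports that the user name already exists; otherwise the user is looked up by Id and the user's information is updated with the data submitted in the form.

    1. Safety officer management module

According to the requirements, safety officers can be added, deleted, or have their details modified. When deleting or modifying a safety officer, the system shows the delete and modify links only if the safety officer's state allows deletion. When the delete link is clicked and the request reaches the back end, the safety officer's state is queried again to decide whether deletion is allowed. Clicking the modify link jumps to the page for editing the information; after the data is filled in again and submitted, the back end modifies the corresponding record in the database.

When adding a safety officer, a data entry page is shown. Based on the safety officer number entered, the page likewise first sends an Ajax request to check whether the number already exists. After the data is filled in and submitted, the back end calls the relevant service to insert a record into the database.

The safety officer page design is shown in the figure below.

Figure 5-1 Safety officer management page

    1. Implementation of the assessment classification management module

According to the requirements, assessment classifications can be added, deleted, or have their details modified. When deleting or modifying an assessment classification, the system shows the delete and modify links only if the classification's state allows deletion. When the delete link is clicked and the request reaches the back end, the user's state is queried again to decide whether deletion is allowed. Clicking the modify link jumps to the page for editing the information; after the data is filled in again and submitted, the back end modifies the corresponding record in the database.

When adding an assessment classification, a data entry page is shown. Based on the classification number entered, the page likewise first sends an Ajax request to check whether the number already exists. After the data is filled in and submitted, the back end calls the relevant service to insert a record into the database.

The assessment classification management flowchart is shown in the figure below.

Figure 5-1 Assessment classification management flowchart

The assessment classification management page design is shown in the figure below.

Figure 5-1 Assessment classification management page

The key code for assessment classification management is as follows.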

    @RequestMapping(value = {"/count_group", "/count"})
    public Map<String, Object> count(HttpServletRequest request) {
        Query count = service.count(service.readQuery(request), service.readConfig(request));
        return success(count.getResultList());
    }

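    1. Implementation of the assessment item management module

When adding an assessment item, after the required fields are entered, the ShangpinController in the presentation layer receives the assessment item parameters and calls its addShangpin method; the request passes through the ShangpinService business layer to the ShangpinMapper persistence layer, which completes the whole add operation. Like the addUser method in user management, addShangpin handles both adding and modifying.

When modifying an assessment item, the administrator selects the assessment to modify. The editShangpin method of the ShangpinController is called to fetch the original information of that assessment and display it on the page. The administrator then changes the fields that need modification and, when finished, calls addShangpin, which calls the business layer's updateByKey method to update the data in the assessment item table of the database.

The assessment item management flowchart is shown below.

Figure 5-1 Assessment item management flowchart

The assessment item management page is shown in the figure below.

Figure 5-1 Assessment item page

The key code for assessment item management is as follows.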

    @PostMapping("/add")
    @Transactional
    public Map<String, Object> add(HttpServletRequest request) throws IOException {
        // The parsed JSON body is passed to insert() unchanged
        service.insert(service.readBody(request.getReader()));
        return success(1);
    }

    @Transactional
    public Map<String, Object> addMap(Map<String,Object> map){
        service.insert(map);
        return success(1);
    }

    // Reads the whole request body and parses it as a JSON object; returns null on an I/O error
    public Map<String,Object> readBody(BufferedReader reader){
        BufferedReader br = null;
        StringBuilder sb = new StringBuilder("");
        try{
            br = reader;
            String str;
            while ((str = br.readLine()) != null){
                sb.append(str);
            }
            br.close();
            String json = sb.toString();
            return JSONObject.parseObject(json, Map.class);
        }catch (IOException e){
            e.printStackTrace();
        }finally{
            if (null != br){
                try{
                    br.close();
                }catch (IOException e){
                    e.printStackTrace();
                }
            }
        }
        return null;
    }

    public void insert(Map<String,Object> body){
        StringBuffer sql = new StringBuffer("INSERT INTO ");
        sql.append("`").append(table).append("`").append(" (");
        // Every key of the request body becomes a column name in the statement
        for (Map.Entry<String,Object> entry:body.entrySet()){
            sql.append("`"+humpToLine(entry.getKey())+"`").append(",");
        }
        sql.deleteCharAt(sql.length()-1);
        sql.append(") VALUES (");
        // Values are concatenated into the SQL text: strings in single quotes, everything else as-is
        for (Map.Entry<String,Object> entry:body.entrySet()){
            Object value = entry.getValue();
            if (value instanceof String){
                sql.append("'").append(entry.getValue()).append("'").append(",");
            }else {
                sql.append(entry.getValue()).append(",");
            }
        }
        sql.deleteCharAt(sql.length() - 1);
        sql.append(")");
        log.info("[{}] - 插入操作:{}",table,sql);
        Query query = runCountSql(sql.toString());
        query.executeUpdate();
    }

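    1. Implementation of the unit management module

According to the requirements, units can be added, deleted, or have their details modified. When deleting or modifying a unit, the system shows the delete and modify links only if the unit's state allows deletion. When the delete link is clicked and the request reaches the back end, the unit's state is queried again to decide whether deletion is allowed. Clicking the modify link jumps to the page for editing the information; after the data is filled in again and submitted, the back end modifies the corresponding record in the database.

When adding a unit, a data entry page is shown. Based on the unit name entered, the page likewise first sends an Ajax request to check whether the number already exists. After the data is filled in and submitted, the back end calls the relevant service to insert a record into the database.

The unit management flowchart is shown in the figure below.

Figure 5-1 Unit management flowchart

The unit management page design is shown in the figure below.

Figure 5-1 Unit management page

The key code for unit management is as follows.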

    @PostMapping("/set")
    @Transactional
    public Map<String, Object> set(HttpServletRequest request) throws IOException {
        // Query string -> WHERE conditions, paging/config parameters, JSON body -> SET values
        service.update(service.readQuery(request), service.readConfig(request), service.readBody(request.getReader()));
        return success(1);
    }

    public Map<String,String> readConfig(HttpServletRequest request){
        Map<String,String> map = new HashMap<>();
        map.put(FindConfig.PAGE,request.getParameter(FindConfig.PAGE));
        map.put(FindConfig.SIZE,request.getParameter(FindConfig.SIZE));
        map.put(FindConfig.LIKE,request.getParameter(FindConfig.LIKE));
        map.put(FindConfig.ORDER_BY,request.getParameter(FindConfig.ORDER_BY));
        map.put(FindConfig.FIELD,request.getParameter(FindConfig.FIELD));
        map.put(FindConfig.GROUP_BY,request.getParameter(FindConfig.GROUP_BY));
        map.put(FindConfig.MAX_,request.getParameter(FindConfig.MAX_));
        map.put(FindConfig.MIN_,request.getParameter(FindConfig.MIN_));
        return map;
    }

    public Map<String,String> readQuery(HttpServletRequest request){
        String queryString = request.getQueryString();
        if (queryString != null && !"".equals(queryString)) {
            String[] querys = queryString.split("&");
            Map<String, String> map = new HashMap<>();
            for (String query : querys) {
                // Split on the first '=' only; skip parameters without one instead of failing on q[1]
                String[] q = query.split("=", 2);
                if (q.length == 2) {
                    map.put(q[0], q[1]);
                }
            }
            // Paging and config parameters are not filter conditions
            map.remove(FindConfig.PAGE);
            map.remove(FindConfig.SIZE);
            map.remove(FindConfig.LIKE);
            map.remove(FindConfig.ORDER_BY);
            map.remove(FindConfig.FIELD);
            map.remove(FindConfig.GROUP_BY);
            map.remove(FindConfig.MAX_);
            map.remove(FindConfig.MIN_);
            return map;
        }else {
            return new HashMap<>();
        }
    }

    @Transactional
    public void update(Map<String,String> query,Map<String,String> config,Map<String,Object> body){
        StringBuffer sql = new StringBuffer("UPDATE ").append("`").append(table).append("`").append(" SET ");
        // Keys and values of the request body are concatenated into the SET clause
        for (Map.Entry<String,Object> entry:body.entrySet()){
            Object value = entry.getValue();
            if (value instanceof String){
                sql.append("`"+humpToLine(entry.getKey())+"`").append("=").append("'").append(value).append("'").append(",");
            }else {
                sql.append("`"+humpToLine(entry.getKey())+"`").append("=").append(value).append(",");
            }
        }
        sql.deleteCharAt(sql.length()-1);
        // An empty query map yields no WHERE clause, so the UPDATE then applies to every row
        sql.append(toWhereSql(query,"0".equals(config.get(FindConfig.LIKE))));
        log.info("[{}] - 更新操作:{}",table,sql);
        Query query1 = runCountSql(sql.toString());
        query1.executeUpdate();
    }

    public String toWhereSql(Map<String,String> query, Boolean like) {
        if (query.size() > 0) {
            try {
                StringBuilder sql = new StringBuilder(" WHERE ");
                // Each query-string pair becomes one condition; the URL-decoded value is placed inside single quotes
                for (Map.Entry<String, String> entry : query.entrySet()) {
                    if (entry.getKey().contains(FindConfig.MIN_)) {
                        String min = humpToLine(entry.getKey()).replace("_min", "");
                        sql.append("`"+min+"`").append(" >= '").append(URLDecoder.decode(entry.getValue(), "UTF-8")).append("' and ");
                        continue;
                    }
                    if (entry.getKey().contains(FindConfig.MAX_)) {
                        String max = humpToLine(entry.getKey()).replace("_max", "");
                        sql.append("`"+max+"`").append(" <= '").append(URLDecoder.decode(entry.getValue(), "UTF-8")).append("' and ");
                        continue;
                    }
                    if (like) {
                        sql.append("`"+humpToLine(entry.getKey())+"`").append(" LIKE '%").append(URLDecoder.decode(entry.getValue(), "UTF-8")).append("%'").append(" and ");
                    } else {
                        sql.append("`"+humpToLine(entry.getKey())+"`").append(" = '").append(URLDecoder.decode(entry.getValue(), "UTF-8")).append("'").append(" and ");
                    }
                }
                // Drop the trailing "and "
                sql.delete(sql.length() - 4, sql.length());
                sql.append(" ");
                return sql.toString();
            } catch (UnsupportedEncodingException e) {
                log.info("拼接sql 失败:{}", e.getMessage());
            }
        }
        return "";
    }
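The `insert`, `update` and `toWhereSql` methods above place request-body keys, body values and query-string values directly into the SQL text. The following is an added example, not the project's code, of the same UPDATE built with an allowlist of column names and numbered placeholders, and with an empty WHERE refused; the class name, the `toSnake` helper standing in for `humpToLine`, and the `unit` table and its columns are assumptions.

```java
import java.util.*;

public class SafeSqlBuilder {
    /** SQL text with numbered placeholders, plus the values to bind in order. */
    public static final class Statement {
        public final String sql;
        public final List<Object> params;
        Statement(String sql, List<Object> params) { this.sql = sql; this.params = params; }
    }

    private final String table;        // fixed server-side, never read from the request
    private final Set<String> columns; // allowlist of snake_case column names for this table

    public SafeSqlBuilder(String table, Set<String> columns) {
        this.table = table;
        this.columns = columns;
    }

    // camelCase -> snake_case; stands in for the page's humpToLine (assumed behaviour)
    static String toSnake(String key) {
        return key.replaceAll("([A-Z])", "_$1").toLowerCase();
    }

    // Only allowlisted names ever reach the SQL text, so a key cannot break out of the backticks.
    private String column(String key) {
        String col = toSnake(key);
        if (!columns.contains(col)) throw new IllegalArgumentException("unknown column: " + key);
        return "`" + col + "`";
    }

    // Emits "`col` = ?n" for each field and appends its value to the parameter list.
    private String bind(Map<String, ?> fields, List<Object> params, String sep) {
        List<String> parts = new ArrayList<>();
        for (Map.Entry<String, ?> e : fields.entrySet()) {
            params.add(e.getValue());
            parts.add(column(e.getKey()) + " = ?" + params.size());
        }
        return String.join(sep, parts);
    }

    /** Builds UPDATE ... SET ... WHERE ...; refuses an empty WHERE, which would touch every row. */
    public Statement update(Map<String, Object> body, Map<String, String> where) {
        if (body.isEmpty() || where.isEmpty())
            throw new IllegalArgumentException("SET and WHERE must both be non-empty");
        List<Object> params = new ArrayList<>();
        String sql = "UPDATE `" + table + "` SET " + bind(body, params, ", ")
                + " WHERE " + bind(where, params, " AND ");
        return new Statement(sql, params);
    }

    public static void main(String[] args) {
        // Constructed sample: hypothetical table and column names.
        SafeSqlBuilder b = new SafeSqlBuilder("unit", new HashSet<>(Arrays.asList("unit_id", "unit_name")));
        Map<String, Object> body = new LinkedHashMap<>();
        body.put("unitName", "O'Brien Ltd"); // the quote stays data because the value is bound
        Statement s = b.update(body, Collections.singletonMap("unitId", "7"));
        System.out.println(s.sql + "  " + s.params);
        body.put("userGroup", "admin");      // not a column of this table
        try { b.update(body, Collections.singletonMap("unitId", "7")); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Assuming `runCountSql` returns a JPA native `Query`, each value is then bound by position with `query.setParameter(i + 1, params.get(i))` before `executeUpdate()`. The same allowlist and placeholder approach applies to the INSERT statement.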

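    1. Implementation of the assessment result management module

According to the requirements, assessment results can be added, deleted, or have their details modified. When deleting or modifying an assessment result, the system shows the delete and modify links only if the result's state allows deletion. When the delete link is clicked and the request reaches the back end, the assessment result's state is queried again to decide whether deletion is allowed. Clicking the modify link jumps to the page for editing the information; after the data is filled in again and submitted, the back end modifies the corresponding record in the database.

When adding an assessment result, a data entry page is shown. Based on the unit name entered, the page likewise first sends an Ajax request to check whether the number already exists. After the data is filled in and submitted, the back end calls the relevant service to insert a record into the database.

Figure 5-1 Assessment result management page

  1. System testing
    1. Purpose of testing

No program design can be guaranteed free of errors. Mistakes are hard to avoid during development, but they must not be allowed to remain in the system, because they can have incalculable consequences, such as system crashes, security information problems, the system failing to start normally, or problems with the screen of the user's phone after installation. To avoid these problems, the program has to be tested so that the problems are found and corrected and the system becomes stable and mature over the long term. The purpose of this chapter is to find these problems and fix them; although this takes time and effort, it is important and necessary for the long-term development of the system.

Software testing, like the development process, must follow the formal principles of software engineering and comply with management theory. Software testing in China has by now accumulated a great deal of experience and methods, its steps are relatively mature, and its efficiency keeps increasing.

To implement the network security assessment platform design, the implementation and operation of the system's functional modules must be tested to judge whether the system works accurately. System testing is a mandatory step before the platform is formally deployed for use; errors found in testing are corrected promptly so that the system provided to users is accurate.

    1. Test scheme design

6.2.1 Test strategy

1. Functional testing

From the user's point of view, the tester does not know the internal structure of the newly developed software, so the system can be treated as a black box: inputs are entered blindly and the feedback the system gives is observed. This kind of testing is black-box testing; if incorrect information is entered during the test, the system reports an error.

2. Performance testing

Testing the overall condition of a software program (called performance testing) usually uses automated testing tools to examine the system's overall functions. It is divided into load testing and stress testing, and in some cases the two are combined. Stress testing finds the highest level of service the system can provide, while load testing examines how the system responds to increasing load.

6.2.2 Test analysis

The methods for testing and evaluating system quality are not limited to the system's code and processes; they should be closely tied to the software design work and the earlier requirements analysis.

Software testing should follow these principles:

(1) Software testing should start as early as possible and run through the whole process of software development and design. Handling errors as soon as they are found greatly reduces development time and improves software quality.

(2) The plans, reports and other documents used in each kind of software test should be properly handled and stored, mainly to make later maintenance of the system easier.

(3) Clustering of defects during the whole software testing process should be given priority.

(4) For software testing, we should avoid testing the system we designed ourselves and instead test each other's programs, to ensure that test results are objective and fair.

(5) The whole test plan is carried out strictly according to the specific implementation rules of software testing.

(6) The overall test results are checked comprehensively to avoid repeated errors as far as possible.

This network security assessment platform design meets users' requirements and needs, and its use can effectively improve users' usage rate.

    1. Test results

The performance results and test cases obtained from testing show that the system is sufficiently correct, reliable and stable, that it processes input data and click operations accurately, that the user experience received good feedback, that response times are within a reasonable range, and that the system is compatible with all mainstream browsers and achieves the intended design effect.

  1. Summary and outlook

Through developing the network security assessment platform design, I consolidated the knowledge I had learned before and brought what I had learned into the design. I made a lot of preparations during the design process. First, during the design of the database system, I studied in depth how databases work and their working characteristics, and also the best choice of server for a small site. Second, I used what I had learned to analyze the system to be built and designed it on that basis.

The system has now gone live and is in trial operation. User feedback is good and the system basically meets users' needs. No blocking problems have appeared during trial operation, and some shortcomings and minor problems have been corrected promptly. After the system went live, it was backed up to ensure data security: the system is backed up once every two months and the database once a week. The system is deployed on a rented cloud platform server.

After the system went live successfully it was highly recognized by users, but further research is still needed on functionality and performance to give it higher performance and a better user experience.

In future upgrades the system needs to solve a series of problems raised by users, for example how to avoid browser compatibility problems when printing and how to keep response times fast when a large number of users access the system. Future upgrades will focus on solving these security issues.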


Acknowledgements

Time flies, and in a blink of an eye, my years of school life are coming to an end. Looking back on these years of study and life, I have gained a lot, both happiness and sadness. The end of school life is also a new beginning for me. The dissertation is about to be completed. Here, I have many people in my heart who I want to thank. First of all, I would like to thank my mentor, who not only guides me in study and research, but also helps me in life and dealing with others. I would also like to thank the teachers, your rigorous academic spirit and positive work attitude have encouraged my growth and progress. Thanks to the roommates who have lived together for many years, thank you for your company and care over the years. Finally, I would like to thank all the paper reviewers for taking the time out of their busy schedules to review this paper and give valuable comments and suggestions.


Origin blog.csdn.net/weixin_61498557/article/details/131449144