正则表达式在电子政务客户端校验中的应用  被引量:16

Application of Regular Expressions in Verifying Client of E-Gov

在线阅读下载全文

作  者:王功明[1] 吴华瑞[1] 赵春江[1] 杨宝祝[1] 

机构地区:[1]国家农业信息化工程技术研究中心

出  处:《计算机工程》2007年第9期269-271,共3页Computer Engineering

基  金:国家科技攻关计划基金资助项目(2003BA808A16);科技部农业科技成果转化资金资助项目(04EFN211100002)

摘  要:SQL注入技术通过输入带有SQL关键字的语句破坏后台数据库查询语句完整性,进而开展客户端攻击,危害性很强,此外,不合规范的输入数据,也加重系统负担,降低系统可靠性。所以电子政务系统安全性、可靠性亟待提高。正则表达式具有很强的模式匹配功能,可以用来校验各种类型数据。加入正则表达式校验层,扩充传统三层B/S架构至四层后,通过校验客户端输入数据,能够遏制某些客户端攻击,在一定程度上提高电子政务系统安全性、可靠性。在电子政务系统建设中应用该项技术,取得了优良的效果。SQL injection has ferocious harm to E-Gov. It can break integrality of query sentence in background database by inputing some vicious sentences which contain SQL key words. Thereupon, it carries out client attack. Besides, inputing data which isn't accordant with criterion may aggravate burden of system and reduce reliability of system at all. So the security and reliability in E-Gov system desiderates enhancing. The regular expressions have strong ability to match pattern so as to verify various data which has a varity of types. The traditional B/S frame structure can expand from three layers to four layers by adding regular expressions verifying layer. Therefore, clients are kept from being attacked by verifying input data at client. Thus security and reliability in E-Gov system is improved to a certainly level, This technology acquires good effect in the course of application in an E-Gov system.

关 键 词:电子政务 正则表达式 数据校验 数据锁 SQL注入 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象