检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:赵慧奇[1] 徐誉尹[1] 刘刚 杜春玲[1] Zhao Huiqi;Xu Yuyin;Liu Gang;Du Chunling(Department of Information Engineering,Shandong University of Science and Technology,Tai'an Shandong 271021,China)
机构地区:[1]山东科技大学信息工程系,山东泰安271021
出 处:《信息与电脑》2018年第22期214-215,共2页Information & Computer
摘 要:笔者的主要研究方向是教育领域网站系统的安全,主要对象为各级学校的教务系统和官方网站。网站系统的安全主要包括操作系统、数据库、服务器、编程语言以及客户端等。基于此,宏观分析目前教育领域中Web应用存在的各种安全问题,展现了各种攻击手法,如DDoS、SQL注入、XSS漏洞、File Upload漏洞、远程代码执行和文件包含等。同时,分析系统并总结相应解决方案。研究方法上,采用实地检测与理论原理分析相互结合的方案。The main research direction of the author is the safety of the website system in the field of education. The main target is the educational system and the official website of the school at all levels. The security of the website system mainly includes operating systems, databases, servers, programming languages, and clients. Based on this, macroscopical analysis of various security problems existing in Web applications in the current education field shows various attack techniques such as DDoS, SQL injection, XSS vulnerability, File Upload vulnerability, remote code execution, and file inclusion. At the same time, analyze the system and summarize the corresponding solutions. In terms of research methods, field detection and theoretical theory are used to analyze the combination of the schemes.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222