针对当前企业信息系统登录方式在安全方面存在的问题和不足,分析了传统登录子系统解决方案中存在穷举攻击和SQL注入等诸多安全漏洞.借鉴B/S与C/S中登录安全技术,提出一种基于加密、验证和漏洞检测的改进方案.详细描述了系统的设计思想、工作原理、总体架构及具体实现方案,为用户提供了一个安全性高、成本低的登录系统解决方案.%In view of security problems and shortcomings in current Information system, the exhaustive attack and SQL injection loophole in traditional login subsystem solution are have been analyzed. Using B/S and C/S login security technology, based is proposed an improved solution on the encryption, authentication and loophole detection method. The system design thought, working principle, overall structure and specific implementation plan in detail are described and provided users with a high safety, low cost login system solution.
展开▼