剖析了我国政府网站的安全现状和存在问题,从技术角度详细论述了加强政府网站安全防护的8项措施,主要包括:统一的用户身份验证、数据访问的权限控制、信息追溯管理、数据库并发控制、“三层架构”建设模式、网站目录权限最小化、部署网站防护体系、定期备份和日志检查。最后重点指出只有多项安全策略综合应用、共同构筑坚固的政府网站安全防护体系,才能有效抵御日益猖獗且形式多样的黑客攻击,维护政府部门的良好形象。%This paper analyzes the security situation and existing problems of government websites in China,and thor-oughly discusses eight measures of strengthening the security protection of the websites,including unified authentication of users,access control of data,message retrospect management,database concurrency control,“three-layer structure”construction mode,minimization of website directory permissions,deployment of website protection system,regular backups and log check. In the end,it points out that only through a comprehensive application of multiple security strategies and jointly building a strong government website protection system,can government websites effectively resist the increas-ingly rampant hacker attacks and maintain a good image of government departments.
展开▼
