| Linux网页防篡改机制的研究与实现 |
| |
| 引用本文: | 严承,王伟平,段桂华.Linux网页防篡改机制的研究与实现[J].计算技术与自动化,2010,29(2):133-136. |
| |
| 作者姓名: | 严承 王伟平 段桂华 |
| |
| 作者单位: | 中南大学,信息科学与工程学院,湖南,长沙,410083 |
| |
| 基金项目: | 国家自然科学基金资助项目 |
| |
| 摘 要: | 网页防篡改对web安全来说是至关重要的,传统的防篡改技术需要对网页文件进行备份,并且不能实时检测和防止篡改。从Linux操作系统底层调用的角度出发,研究基于事件触发的文件防篡改机制,将其应用到Apache Web网页防篡改系统中.该机制通过文件操作事件触发文件操作的合法性验证,从而监控和阻止对网页文件的非法篡改.测试结果表明,在无需备份网页文件的情况下,该机制能够有效地防止Apache Web网页的非法篡改,具有良好的运行性能。
|
| 关 键 词: | 网页防篡改 Apache Linux LKM(Linux可加载内核模块) |
Research and Implementation of Webpage Tamper-resistant Mechanism for Linux |
| |
| WANG Wei-ping,YAN Cheng,DUAN Gui-hua.Research and Implementation of Webpage Tamper-resistant Mechanism for Linux[J].Computing Technology and Automation,2010,29(2):133-136. |
| |
| Authors: | WANG Wei-ping YAN Cheng DUAN Gui-hua |
| |
| Affiliation: | (School of Information Science and Engineering,Central South University,Changsha 410083,China) |
| |
| Abstract: | Web page tamper-resistant is critical to web security.The traditional anti-tamper technology needs to back up all the website files,and can not do real-time detection or stop the tampering activity of web page.This paper proposes an event-triggered anti-tamper mechanism on Linux,and also gives the design and implementation of an Apache Web page tamper-resistant system based on the mechanism.In this mechanism,the legitimacy verification operation will be triggered by the event of file operations,thus the mechanism will be able to monitor and prevent illegal modification of web page files.System test results show that the mechanism can effectively prevent Apache web page files from illegal tampering almost without any performance degradation,while it does not need to do backup for any web pages. |
| |
| Keywords: | Apache Linux |
| 本文献已被 维普 万方数据 等数据库收录! |
|
