摘要
随着“互联网+教育”的快速推进发展,高校的各类Web应用(业务系统和网站)快速增加,包括学校的门户网站、网上服务大厅、教务系统、选课系统等,其上存储着重要的师生信息和科研数据。Web应用为师生的学习和生活提供了便捷的服务,但由于提供商不同,系统架构设计和代码编写良莠不齐,加上高校信息安全的制度都还处于建立过程中,导致Web应用在上线之初就存在安全漏洞,一旦被黑客或恶意程序攻击,就会面临重要数据损失、网站被篡改等安全威胁。Web应用防火墙(web application firewall,WAF)专门用于防护Web应用安全,是高校信息安全防护的必选工具。本文从WAF工作原理、WAF部署方式以及WAF防护规则解析和使用等方面介绍WAF在高校信息安全工作中的应用。
With the rapid development of“Internet plus education”,the number of various web applications(systems and websites)in universities has increased rapidly,including the school s portal website,online service hall,educational administration system,course selection system,which store important information and scientific research data of teachers and students.Web applications provide convenient services for teachers and students in study and life.However,due to different providers,system architecture design and code writing are uneven.In addition,the rules and regulations of information security in universities are still in the process of establishment,resulting that there is vulnerability in new Web applications at the beginning of online.Once attacked by hackers or malicious programs,it will cause important data loss,websites tampering and so on.Web application firewall(WAF)as a necessary tool for information security protection of universities is specially used to protect web application security.This article introduces the application of WAF in the information security of universities from the aspects of WAF working principle,WAF deployment mode,analysis and use of WAF protection rules.
作者
王乐
王叶静
葛永兴
王唯
WANG Le;WANG Ye-jing;Ge Yong-xing;WANG Wei(Northeast Normal University,Changchun 130024,China)
出处
《长春师范大学学报》
2020年第4期80-82,104,共4页
Journal of Changchun Normal University
关键词
WEB应用防火墙
高校
信息安全
web application firewall(WAF)
universities
information security
