Title: | 安全性與高效能的入口網站 A highly efficient and secure portal |
Authors: | 蕭俊雄 Hsiao, Chun-Hsiung 蔡文能 Tsai, Wen-Nung 資訊學院資訊學程 |
Keywords: | 入口網站;Portal;Portal server;Web Services;WebPart;SQL injection |
Issue Date: | 2010 |
Abstract: | 企業入口網站,是企業系統電子化演進的一個階段,透過企業資訊整合,讓使用者只需透過單一入口,便可以獲得與自己相關的資訊。由於資訊系統標準不一、介面紊亂…等問題,造成資訊整合不易。因此,針對彙整不同資訊的來源,並有效率地進行資訊的擷取、過濾及傳遞,進一步協助員工,不論在企業內部或外部,進行各種機制的運作等,是企業導入入口網站的關鍵成功因素。
XML不同於過去的EDI,它是目前資訊系統跨領域,與其他企業間資料交換的共通標準方式之一,透過Web Service來傳遞交換資料,但Web Service存在著安全性與效能不佳的隱憂。隨著網路不斷的發展,新的技術和觀念,持續不斷的進步,如Blog、Time Line、RSS…等,隨著Web2.0的風行,有許多新的資訊呈現操作方式,逐漸不斷的被人引用,但是企業內的入口網站資訊,有著不同於一般入口網站的限制(Yahoo、PChome…等)——如權限控管,與跨系統間的資訊整合,還有分佈各年齡的階層員工,需要再教育問題…等,有待逐一解決。
本研究主要探討,如何應用現有的技術(或是引用Open source)條件下,用最少的投資成本支出的方式,投入開發企業的Portal,期望能開發出高效能,與安全佳的入口網。
在本研究中,利用一些現有的技術,在不增加企業的硬體投資,提出具高效能之Poratl系統架構,並根據SOA[4]的精神與雲端技術的概念,讓不同層級的員工,使用相同的元件情況下,檢視不同的資訊,並保留系統的彈性,即使是企業有組織調整和人員異動,Portal本身皆不需調整。 Enterprise portal is a phase of computerization for enterprise systems in which users can access designated information through the integration of system data and the adoption of single entry point. Since the non-standard and non-unified user interface and system can increase the difficulties of integrating varied information, the key element to a successful enterprise portal lies in effective extracting, filtering, and conveying information from different resources, which can further assist employees to utilize all kinds of business mechanisms in the interior or exterior of the enterprise. XML is far different from the past EDI; it is a standard for exchanging data over different domains between enterprises. Even though exchanging data through web services can also be achieved, there are still numerous problems that are known to be in existence in the aspect of security and efficiency for web services. Along with the consistent development of computer networks, the emergence of new technologies and ideas, such as Blog, TimeLine, and RSS…etc., and the growing popularity of Web2.0, more and more innovations of representations and manipulations of information are introduced to the public. However, since the constraints for enterprise portals are different from those of commercial sites, such as Yahoo, Pchome…etc., there are many issues that need to be addressed. For example, access control, integration across various systems, employees from different age groups, and the need of reeducation….etc., to name a few. This research is intended to discuss how to develop highly efficient and secured enterprise portals under the circumstances of employing existing technologies, including open sources, with minimum investment costs. In this research, it is proposed to adopt current technologies to construct a highly efficient system structure for the portal, without increasing the enterprise’s investments towards hardware equipments. Furthermore, based on the concepts of SOA and cloud technology, employees from all levels shall be able to obtain different information using common components, while preserving the flexibility and scalability of system in the cases of organizational changes or staff reorganizations, with no need to adjust the portal itself. |
URI: | http://hdl.handle.net/11536/46525 |
Appears in Collections: | Thesis |