Research on data and workflow security of electronic military systems

Based upon the command and control network infrastructure of the Army, now electronic military systems are being built to store, transfer, query and manipulate data for various military tasks. However, in the open and interconnected network environment, military systems are facing two main typical security threats, i.e., broken authentication and broken access control. This paper proposes an idea of building a security Web-based electronic military system by utilizing network security trust units. An authorization component based on PKI (Public Key Infrastructure) and LDAP (Lightweight Directory Access Protocol), as well as an access control component based on T-RBAC (Task-Role Based Access Control) are designed. The implemented security components are embedded into an online manuscript submission and editing system for CAPF (Chinese Armed Police Force) newspaper office to ensure data and workflow security. Practical application shows the implemented security components can effectively guarantee the security and reliability of the system.