A FOUR-LAYER ARCHITECTURE FOR WEB APPLICATION SYSTEM SECURITY ASSURANCE: A SAFEGUARD MECHANISM RESEARCH
The security architecture model is an intractable research problem in web application systems. The traditional three-layer architecture model has no specific structure or safeguard mechanism for the overall safety of the system. This paper analyzes the security problems of existing web application systems and proposes a new four-layer architecture model for secure web application systems. The four layers of this new architecture are the presentation layer, the business layer, the data layer and the security control layer. Access control and communication security are implemented in our four-layer architecture by adding new functions on top of the existing ones in the first three layers, i.e., the presentation layer, business layer, and data layer. The new security control layer is mainly used to provide safety services, such as two-way certification of end-to-end communication, secrecy and integrity of communication data, non-repudiation service for end-to-end communication, digital signature algorithms, and security key distribution. This paper also defines the functions of each layer and describes the authentication, encryption, decryption and data transmission flows of the new architecture. The safeguard mechanism in our new four-layer architecture resolves the deficiencies and security problems of the traditional three-layer architecture; moreover, the four-layer architecture offers good generality and openness.