摘要： 以某大型人力资源企业开放平台的构建为例，介绍开放平台的选型、设计、整体架构及各部分组件的功能。针对开放平台实践中面临的安全问题，给出相应的安全策略和实施方案。该开放平台已开发完成并投入正式使用，实践结果表明，平台的设计有效地兼顾了开放性与安全性。

关键词: 开放平台, 安全策略, F8标准, penSocial标准, OAuth协议

Abstract: This paper gives a comprehensive discussion about how open platforms should be implemented, particularly about how the security measures should be put into practice. This discussion is based on an open platform which is successfully developed and deployed for a human resource company. A meticulous tradeoff is made between openness and security concerns for this open platform.

Key words: open platform, security strategy, F8 standard, OpenSocial standard, OAuth protocol

中图分类号: 

• TP309