Research And Implementation Of A Single Sign On System

Traditional authentication mechanism is based on user's name and password. When a user wants to enter a system, he must input the right account information. If he wants to visit resources in different systems, he must input various account information to enter corresponding systems. This mechanism wastes user's time and make user remember so much account information.Single Sign On is introduced to resolve this problem. When a user firstly enters a system, he has to authenticate himself to the system. If he succeeds, the system will map the user realistic identity into electronic identity. Through the secure and efficient transfer of the electronic identity, the user can visit all systems automatically and efficiently without repeatedly inputting his account information.In my dissertation, I introduce the concept, technique requirement and various models of Single Sign On system. Through analysis and compare of those models, Kerberos protocol is chosen to implement the broker-based single sign on system. I discuss the design idea, system architecture, running principle and the details of implementation of the authentication server.