The Research On Security Technologies Of Enterprise Computing Environment

Posted on:2006-08-27

Degree:Master

Type:Thesis

Country:China

Candidate:Y Ni

Full Text:PDF

GTID:2168360152982584

Subject:Computer software and theory

Abstract/Summary:

PDF Full Text Request

The development of distributed computing technologies have improved the interoperability of the Enterprise Computing Environment(ECE). At the same time, it presents a great security challenge for enterprise.How to enforce the security of ECE has become the focus for research. Based on the study of the security technologies of ECE, the thesis describes the security architecture and mechanism of the EXIST system, which provides a e-government oriented data exchanging services.The thesis makes a detailed analysis and description on the design and implementation of main security technologies in this system.In EXIST system's distributed architecture, the exchanging hub acts as the server and the adapter acts as the client. Web services is used as the way of service interaction. Firstly, the thesis makes a research on OSI and ECE's security architecture.,based on which the EXIST system's security architecture is layouted and designed.The system makes use of structurized user management model and resource management model based on LDAP to enforce system management seucrity, which facilitates the system's implementation of Role-Based Access Control(RBAC). The system utilizes Public Key Infrastructure(PKI) to implement strong authentication and Privilege Management Infrastructure(PMI) to implement strong authorization. RBAC is used to implement system's access control. The thesis makes a study of the above three technologies and makes a detailed description on the design and implementation of RBAC based on PMI.In the last part, the thesis makes a research on the web services and its security technologies. The system's web services security is implemented with XML signature, XML encryption and SOAP security extensions, which ensure the data's confidentiality and integrity in the process of service interaction.In general, with the qulified security architecture and services, the EXIST system satisfies the security requirements of e-government oriented data exchanging.

Keywords/Search Tags:

enterprise computing environment, e-government, data exchanging, encryption, digital signature, authentication, authorization, access control, Public Key Infrastructure, Privilege Management Infrastructure, Web services

PDF Full Text Request

Related items

1	Research On Authentication And Authorization Based On PKI & PMI
2	Research On Access Control Methods In Extended Organization PKI Networks
3	Research And Application On Privilege Management Infrastructure
4	Design And Implementation Of Related Application For Public Key Infrastructure
5	Study And Implementation Of Access Control Architecture For Extended Enterprise
6	Web-based Service Authorization And Access Control, Research And Design,
7	Design And Implement Of Enterprise's Digital Authentication System Based On Public Key Infrastructure
8	The Research And Application Of Authentication And Authorization Mechanism Based On SAML And PMI
9	Prototype Implementation Of Privilege Management Infrastructure
10	Design And Implementation Of PKI-Based Kerberos Unified Authentication And Authorization System