| With the rapid progress of e-business and Internet technology, a new concept named e-government has been founded. The goal of e-government is use IT and Internet technology to improve the efficiency of the traditional government department. The chief problem of e-government is about security. Many researchers concern about this issue. All nations are devoting themselves into this field. The authentication is the key part of the network security. It is also the main problem we should resolve. Authentication acts as the most important role when we want to guarantee that only authorization users have the rights to access the secret information, thus constructing a powerful authentication mechanism to ensure security of e-government system becomes a crux point. Now the trend of authentication technology in whole world, the first is fusing various mechanisms to enhance validity and security; the second is bi-direction, namely, not only authenticate the server but also the client; the third is standardization and unification, standard is which we can stand by, uniform authentication makes things easy. The information circulating in e-government system, some is for public, and the other is private. Considering of the particularity of e-government system, we bring forward a new scheme. In this scheme, we use CA digital Certificate to authenticate the WEB server, apply COM technology to realize an OTP authentication mechanism to authenticate common user, use digital Certificate carried by e-key to authenticate e-government system manager, and use SSL technology to encrypt the data transferred by the server and the client. This scheme use different authentication mechanism to authenticate users of different level to ensure the mobility and security of user account. It also provides a uniform and standard authentication service by using token mechanism, to make sure that users of various application systems can only login once. We also analyze the feasibility and security of this scheme, and provide some kernel executable codes. At last we construct an instance based on this scheme, and this instance has already been put into use. This scheme, which is bi-directional, using multi-mechanism to ensure safety authentication and providing a uniform authentication service to other e-government application system, meets the need of current e-government system. But authentication technology and e-government system are continually developing, there are still many problems need to be solved.
|
PDF Full Text Request