Design And Implementation Of Policy System Integrated Authentication And Authorization System

After years of IT system construction, although police department has basic-ally reached the police use of IT technology to enhance the treatment efficiency, cost savings target of police operations, but the public security system and other ind-stries, with a large number of different police service system to produce the inf-ormation processing system, authentication system certification of these systems there is information is not unified, fragmented, low security risks.Therefore need to establish a comprehensive public security police certificate authentication service center system to provide a sound general police services, police officers reunification identity information, the police authority business systems, information management, and provide certification and authentication of external services, making other police business systems through a simple to configure, they can use service centers for certification authentication service, meeting requirements for multi policy system coexist under, user identity, auth-orization centralized management and single sign-on needs and resolving conc-onstruction process the information user-defined inconsistency, organizations management chaos, complexity, and authorization management system of export diversification, such issues as the construction of enterprise information technol-ogy provides a convenient platform.This paper describes an accord with J2EE architecture, LDAP protocol, RBAC model and so on standard system standard authentication jian right of police services comprehensive service system. From the study of requirement analysis, system structure, technical scheme, and the detailed design, the achievement of the system, system testing of the development process of this system are descri-bed.System established the identity authentication service center to provide a unified business application system, the client USES validation entrance provide plugin, various business system adopts the HTTP protocol to interact with the authentication server, complete identity authentication, Established jian right service center, the user first visit to the business system, the discrimination rights information initialized and preserve in system cache, reduce the business system and jian right service center information interaction frequency, and enhance the system performance, in role-based access control strategy in order to RBAC mo-del as the foundation, solved the police systems involves access control problems, realized the fine granularity, access control, System to LDAP directory server for all of the information management center, storing user identity information, roles and access control information, compared with the database as the center of the distributed network system, and has better scalability and centralized managem-ent function, flexibility is stronger and achieve a more simple.Public Security Police comprehensive certification and authentication service centers by testing the application in practice, and achieved good results and good application to improve the efficiency of police officers, and that the system can other industries have a good IT system extension and reference.