The Research And Development Of Integrated Identity Authentification System

Nowadays information safety technology is concerned more and more along with enterprise informatization, E-commerce and E-government that characterized by integrated application of network resources, remote processing and network cooperation. At the front line of information safety, the conventional single identity authentification is challenged by emerging technologies (new attacking methods and authentification technologies). Motivated by network development, identity control changed from dispersed type (low efficiency) to centralized type. SSO (Single sign-on) becomes a focus of discussion.Although various applications have different requests on identity authentification and identity authentification technology develops very fast, few product that can provide multiple identity authentification service is available on the market. With the help of Identity Authentification Project of Information Safety Technology Center of Chongqing Municipality, integrated identity authentification model (IntPerIDA) is proposed in the thesis after study of various identity authentification technologies. Based on Web Services, identity authentification service for multiple platforms is provided by the model. Thus, safety risks and repeat code writing of the dispersed identity authentification are avoided. Identity authentification modules can be expanded dynamically by IntPerIDA. Various identity authentification technologies provided by IntPerIDA can be combined freely by the user with"identity authentification strategy".At first, analysis and design process of IntPerIDA system was done by way of software engineering and object-oriented method. Then, the system was implemented tentatively and test results were obtained, validity of the model was proved. Abstract factory pattern and reflection technology was used for strategy analysis and dynamic module call. Details of the above mentioned study are described in the thesis. Then, the expandability of the IntPerIDA system is discussed. Finally, safety of IntPerIDA system on platform level, message level and application level is analyzed.As no reference system is available at present, system design of integrated identity authentification was studied tentatively. Some practical and guide values for subsequent study and similar applications are expected by the thesis.