| With the popularization of network applications, the degree of enterprise' s reliance on informationization is strengthened gradually. It makes information security become more and more important. In order to solve the unify authentication that is under the disperse environment, a lot of enterprises and organizations have carried on a large amount of research to single sign-on (SSO). The basic thought of SSO is to change the complicated security framework into Single Sign-On service. All security algorithms reflect as an independent security certificate point in some specified domains. Users only need to login once even if he visit different modules. After successfully login he can visit all the authentication network resources.Over the years, with the enrolling business informationization continuously improved and in-depth, Guangdong Province Test Center(GPTC) has accumulated a lot of systems. Proposed along with the NMT of Guangdong Province, the security and Sing-Sign On issue have become increasingly prominent. In full consideration of exists and potential security risks from external network and internal network. It' s necessary to build a reasonable and extensive enrolling system for GPTC. Because of this need, this thesis introduces a peer to peer Single-Sign On system which was made use of J2EE technolog on the basis of comparison of Sigle-Sign On systems before.For solving the drawbacks of traditional Sigle-Sign On systems such as low efficiency, complicated operation, difficult to extent and so on. this thesis presents the solution scheme for peer to peer network technology, and introduce an uncertain probability model synthetical appraisal algorithm for peer node credit mechanism;To solve the load balancing problem ofreciprocal authentication, the author has improved the traditional dynamic feedback load balancing algorithm, using the theory forward predict function of Bayes to improve gathering load information cycle predict algorithms greatly, this reduced the cost to load and gathered the information effectively . At last, we have solved the difficult problem for achieving load balance in Single-Sign On technology.Under the support of these theory described above, we designed and realized the authentication module, the service module, the ticket module and the web module for JPSSO. This thesis made reference to the design ideas of the more mature Single-Sign On System-Yale CAS , inherit and expand the features of the security authentication module which can be configured, At the same time, we add system load-balancing technology, try to introduce peer to peer technology in the field of Single-Sign On. Based on actual needs, we introduced other Single-Sign On technical advantages and avoid some common technical shortcomings. Therefore, this paper has some reference value on the study and applies with Single-Sign On technology. |
PDF Full Text Request