| With the quick development of computer network technology, Internet comes into every field of social life, especially comes into the environments of enterprise information systems. At present, enterprise network has already become an important infrastructure of every enterprise. Nevertheless, with the continuous extension of network applications, attacks to networks are increasing as well. Attackers use network technology, illegally intrude computer system, steal information, tamper data, and bring heavy losses to enterprises. So, for a business enterprise, how to protect network and information against illegal access is a serious problem. It will affect the development of enterprise.To achieve that goal, the paper investigates the major problems of network security and the Intranet requirement, surveys the policies and technologies that implement network security. The paper brings forth a security network access scheme, which applies various security mechanisms and technologies to improve the entire network security.Public key infrastructure is a common security infrastructure. It uses non-symmetry cryptography to provide security service and lucidly accommodate the key and certificate management to the encryption and digital signature for all network applications. This paper brings forth a centralized application authentication and authorization mechanism based on PKI applicable to Intranet,which uses strong authentication to implement unified authentication and authorization. Not only increases efficiency but also enhance security of applications and resources. On the basis of it, the paper analyzes the problem of application Single Sign On, presents a scheme which implements Web SSO in enterprise based on Cookies, and another scheme which implements cross-domain Web SSO based on Security Assertion Markup Language. The schemes not only increase the security of applications and resources but also improve the system efficiency. |
PDF Full Text Request