The Research And Design Of Unified Identity Authentication System Of Campus Network

With the rapid development of Internet, a number of digital applications, such as E-Business, E-Government, OA, are growing up in the global range. The building of digital campus is the important task of informatization and the sign of university modernization. However, the status of the network security is becoming worse at the same time. Furthermore, the security problems restrict the farther development of the Internet. The identity authentication is very important in the network security. The main research in this paper is to set up the unified authentication system which can implement unified authentication, authority and administer to satisfy the demand of Single Sign-on of users in campus network.The identity authentication technology is introduced in this paper. And all kinds of Single Sign-on modes are compared. The transfer of tickets of Kerberos is analyzed in the protocol. The Kerberos, which is based on credible third party authentication protocol, is ameliorated contraposing its localization in Browser/Server mode when it is used in campus network. A method integrating authentication mechanism named Kerberos with SSL protocol is proposed. This system adopts the broker-based single sign-on mode combining agent mechanism. Through tickets transferring, this system realizes user unified authentication and authority in campus network.The paper mainly completes the design of authentication server and agent in application servers. Authentication server is designed to be a web application. Granting all kinds of tickets and authenticating users in browser or application servers are realized by its main function modules. Agent is deployed in the application, which is protected by this system. It protects resources in the application and deals with service tickets and proxy tickets to implement agent mechanism.The system is developed through the standard platform of J2EE. Because of relatively independent hiberarchies and function modules, the system can be integrated easily. And, new application systems need not rely on its own authentication system but unified authentication to complete the authentication and authorization of users, and reduce the degree of difficulty of system developing. With the unified identity authentication system being perfected, it will play an important role among the information safe system of campus network.