| Information Security is the precondition and guarantee of providing the high-quality service of the modern enterprise. Deploying the applications faces the dual security challenge. First, that only the legal users can visit the application resources should be guaranteed. Second, to take security protection measures shouldn't add burden to users. With the rapid development of IT and network technology, the applications become more and more in the company and every user has to memorize several passwords. Visiting different applications with different passwords can guarantee the legal visit, but put on more burdens. On the one hand, for being easy to memorize, users often use simple password and take notes, which greatly lower the security of the applications; on the other hand, users need log on whenever visiting an application, which greatly lower the work efficiency. Single Sign On, or SSO is an efficient solution to solve the problem.In this paper, by the research on Identification&Authentication and Access Control,we elaborate and analyze the theory on SSO. By centralized user authorization and integrated environment, SSO can manage and distribute users'rights and status, providing the services of user and right management. This paper presents a design of SSO system on Shanghai Mobile. Experiments prove that SSO can not only strengthen the user-friendliness, security and stability of IT system, but also can save the development resources of"logging on"module in different applications, which can improve work efficiency.The main content in this paper are Identification&Authentication, Access Control, theory on SSO, WEB service application, architecture, design as well as the realization of mobile SSO system, and we also put forward the summary and prospect. |
PDF Full Text Request