| Along with the rapid development of Internet technology, the communication and collaboration between entities of Internet has become more and more convenient , the multiple service suppliers' serving their common users in federation has become reality. But under the traditional model of Internet collaboration, It is a problem for service providers that they must realize the management of users in multiple security domains. At the same time, it is also a big burden for users to remember the different username and password in different security domains accurately. In recent years , the grown up of the XML and Web Services technologies has provided a solid foundation in Internet technology for realizing the federation of service.This topic introduces the disadvantage of traditional authentication system, and then amply explains the origin, conception, structure of SSO system and the differences from the traditional authentication system. After that, it presents some common solutions of SSO system, and analyzes the feasibility, manageability, security and convenience respectively.In this topic, a simple SSO system is designed which shares the similarity with the gateway. This system adopted the authentication mechanism based on digital certificate and the PKI technology which will guarantee the security of user identity transmission, and uses the concept and technology of EAI to design the technological structure and the connective form of SSO system. On one side, it is convenient for the unification of user management; on the other side, it is fit for the practical demand of the E-Government. In the practical application of SSO, Cluster technology is used for deployment, which improves the usability and reliability of the whole system and has obtained good effect.Finally, the topic makes some positive exploration in the design and realization of SSO system, which mainly focus on the attempt of the secure transmissions of user identity and the establishment of the trusting relationship among systems. At present, there is a tendency that a united and standard security authentication mechanism is formed on internet so that SSO could be realized in the near future. |
PDF Full Text Request