| With the rapid progress of computer network technology,all kinds of network applications increase dramatically.Generally,tile user authentication systems and authentication data are implemented in those applications respectively.Users may get into trouble,when logging in network softwares,that every application owners its own authentication information so that they must remember the usemame and password in each application.Especially,when someone wants to modify his data,he must rework in every application,these make users inconvenient.There are a lot of projects to solve this inconvenience put forward by many researchers,but unfortunately,some shortages still exist.When directory access protocol comes forth,these problems can be solved perfectly,however the LDAP has a few shartages,especially on security.This paper researches the directory access protocol(DAP) X.500,especially the lightweight access protocol(LDAP),and analyses the difference between Directory Database and Relational Database,discusses LDAPv3 security model and the shortages in this model,including passwrod policy and all kinds of authentication mechanism.Redifine the SASL model used by LDAPv3,and proposed the Digest authentication mechanism based on Public Key.Lastly,We take account of the trait of digital network in compus and the experience of native and foreign researchers,and propose a uniform anthentication system model.A uniform authentication system based on OpenLDAP is implemented on Linux platform,including SASL,TLS,FTP server,with an implementation of user management kit in PHP on Web server. |
PDF Full Text Request