| Since the appearance of internet, the development of related technologies is rapidly. Various application systems based on TCP/IP and its accessorial agreements appear one after another, which brings chances of more information as well as higher requirements for the information security and agility of the internet application systems. Identity authentication is one of the most important technologies.Generally speaking, every system has its unattached userinfo management function, and the format, denomination and memory mode of the users vary. The userinfo synchronization happens when the users need to use more than one application systems. The information synchronization will add the complexity of the system, and so does the management cost. The ultimate method of user synchronization is to set up UUMS. UUMS will memory all the application system information consistently. The related operation that the application system used for will be finished by UUMS, and other operations such as the authorization will be finished by the applying system, that is consistent memorization and distributed authorization.Single Sign On, SSO for short, is a popular method to solve the enterprises operation conformity. The definition of SSO is that to visit all the trustful applying systems user will only need to sign on once in more than one applying systems.Hereby we can see that in order to get the most sign-on agility as well as the information security, to visit more than one applying systems by SSO uses will only need to sign on once, which will improve the using efficiency of the application system. Appropriate information protection and identity authentication system must be used to guarantee the application security.PKI and RSA SecurID are the most common information protection systems.PKI which means public key infrastructure, is a key infrastructure management platform following the fixed standards. PKI can offer encryption and figure signature and the necessary key infrastructure and certification management system for all internet applications. Briefly, PKI is the basic establishment to offer security service by public key theory and technology. PKI technology is the core of information security technology as well as the key and basic technology of e-business.RSA SecurID is the identity authentication project before the user logging onto Windows. With RSA SecureID based on Windows, no matter the user want to visit the enterprise internet or log on the desktop at off-line status, their identity can be distinguished. The RSA SecurID is safer than static password, because it can bring easy and coherent methods for users logging on Windows and all log-on authentication can be checked.In conclusion, SSO is not comparatively independent security technology, and it combines with other information safe elements all the time. This paper analyses the familiar information security menace, main information security protection technology and its function in information transmission and user authentication. By contrasting the two kinds of information security protection systems of PKI and RSA SecurID the problem of why RSA SecurID is more suitable for the information security protection for SSO system can be explained. At the end of this article the embodier of SSO mode based on RSA SecurID system is showed.. |
PDF Full Text Request