Research And Implementation Of Single Sign On In E-Government

With the development of the network technology, eBeijing-the Official Website of the Beijing Government is continuously improved, and it's system scale is becoming larger and larger. If users log in a lot of systems in portal, they not only face more login interfaces, but also remember different user names and passwords. Each system has their own account management system and distrusts each other. System administrator has to maintain the information of users, and guarantee the consistency of all data. As the increment of logins, the possibility of making mistakes, destroying illegally, being intercepted, being captured will increase and the security of systems will be reduced correspondingly. Considering the efficiency and security factors, an efficient and safe network authentication system, the SSO technology, is urgently needed. The SSO is a system that once the user successfully passes the identify authentication process; It can get access to the authorized resources without other identity authentication process.This dissertation sets forth the design background of SSO System in eBeijing, to solve the eBeijing's problem of the unified authentication and user management. By the research on Identification&Authentication and Access Control, we elaborate and analyze the theory on SSO. Combining with eBeijing reform need, the SSO Model based on agent and broker is proposed after comparing the current several SSO Models, and its design and implementation are based on Kerberos protocol. The model comprises two parts: server module and agent module. The server module finishes central authentication of user identity and distribution and validation of tickets. The agent module processes user requests, redirecting requests to server module depending on request parameter, complete interaction with servers, via Cookie and Ticket implementation SSO. At the same time, the use of J2EE architecture, designed and implemented a unified user management module, solved unified management of system of user and collaboration applications. Finally, by the test of SSO in eBeijing, it is proved that every aspect of eBeijing have significantly improved, such as user management, system efficiency, ease of use, security, etc.In this paper, the main work lies in the establishment of SSO based on agent and broker model. In practical application, to realize their functional integrated business applications and integrated systems through redirection and Cookie technology, the realization of e-Government portal will play an important guiding role and value in the sharing information, promoting collaboration between business systems realizing the further decision support systems and the vertical business channel among system.