| With the continual developments from technical concept to practical application of Web service, Its advantages: loosely coupled, language neutral, platform-independent ,capability of linking applications across the Internet etc have become increasingly obviously. While bring convenience to people, Web services also face enormous security challenges. As the authentication, authorization and access control, confidence-building and commissioning etc are the major issues of security, it is of great significance to conduct in-depth research on Web services identity authentication technology for improving the efficiency of the system and enhancing the security of Web services. studies on SAML-based centralized authentication and its realization results on digital campus shows that:①Based on the SAML standard specifications made in the digital campus solution for centralized authentication system, the program is able to overcome the existing centralized authentication solutions, interoperability is poor, cross-platform is bad, the lack of standards support, the deployment of high cost problem.②Colleges and universities based on user data management, decentralization and management processes, the complexity of design in line with college applications, LDAP data model, using a differential update data collection to ensure that the data concentration and consistency.③Put forward the concept of federal portal portal-based authentication mode of the Federation, reducing the SAML standard IDP push mode interaction processes, improve the efficiency of IDP push mode, but also reduced the transmission of information caused by security threats, tests show its efficiency and safety has improved.④S ecurity token integrated with WS-Security specification is designed to improve the security situation of SAML Specification. WS-Security specification is used to embed SAM assertions and important information into Simple Object Access Protocol message to ensure the integrity and confidentiality of SOAP.⑤Combining the federal security framework based on SAML2.0 service uniform identity authentication solutions and demand for ** College uniform identity authentication systems, a unified authentication system is proposed. For systems both can be modified and cannot be modified, integrated approach and WEB proxy integration approach are proposed respective.Test analyses demonstrate that the reliability and security of uniform identity authentication system, which make the management easier and improve the user experience. |
PDF Full Text Request