Font Size: a A A

Clusters Of Intrusion Tolerance Cas Single Sign-on System And Application

Posted on:2012-07-30Degree:MasterType:Thesis
Country:ChinaCandidate:C X WangFull Text:PDF
GTID:2208330335990663Subject:Computer Science and Technology
Abstract/Summary:
Single Sign On is a popular way to integrate several applications today. It can provide a unified authentication service for several applications. Single point of failure and security of Single Sign On is two important issues in Single Sign On systems. In this thesis, we take CAS as research background and work on single point of failure and security in CAS. Besides, we study and design the Single Sign On systems based on CAS to satisfy requirements of the Common Service Platform of Science and Technology Evaluation.In this thesis, we study and analyze cluster technology and intrusion tolerance technology. It is the fact that there will be single point of failure when large number of users access CAS, because there is one server in original CAS. In this thesis, we apply load balance cluster to original CAS and propose a cluster CAS model. In this model, there are three servers and user requests will be dispatched to three servers, so the load of every server is reduced and single point of failure is avoided. Furthermore, since CAS Server integrates user authentication of several applications, these applications will not be accessed if CAS Server is attacked. So, how to secure server of Single Sign On is an important issue. For solving this issue, we analyze methodology of self-cleansing intrusion tolerance and apply it to cluster CAS model, and we propose a CAS authentication model with intrusion tolerance. This model controls online time of every CAS server, a low online time results in the increased security because the attacker has a smaller time to exploit the server vulnerabilities. In the last of this thesis, we apply the cluster CAS model with intrusion tolerance to the Common Service Platform of Science and Technology Evaluation, and design unified authentication module, register module, user information edit module and unified user information management module according to actual requirements of the Common Service Platform of Science and Technology Evaluation.
Keywords/Search Tags:Central Authentication Service, Single Sign On, cluster, intrusion tolerance
Related items