| Many independent authentication applications and many kinds of authentication methods are being applied to enterprise's network,cause not one times authentication of the identical user, currently.Therefore, it has brought efficiency problems and some security incipient faults. As an important aspect of network security, the theory of identity authentication and single sign on (SSO) has been also mature.The urgent need people design a unified security authentication environment to support the cross platform,the unification many kinds of authentication methods and application's SSO.The article has proposed and realized an unified security authentication environment (USAE) . The system Supports presently based on the password, token, smart card, biological characteristic and so on authentication methods by an unified authentication interface;The system uses the principle of based on role management realize applications and the user's authorization;The system uses Kerberos protocol principle to realize the total protocol process, to assure the system's security;USAE supports (Generic Security Program Interface)GSS-API applications, to assure the cross platform and the versatility;And in order to make the traditional applications be compatible in the system, the article has proposed a reforming method.USAE has unified authentication methods, and realized applications's SSO. Regarding the working efficiency, the management and audit unification, the security, the reduction later develop in applications, the flexible configuration, the economic cost saves and so on, to bring the comprehensive promotion.;And in further study pointed out that, if introduced the public key scheme to this system, it no longer merely will limit in the local network, will be able to solve some security problems in the Internet network. |
PDF Full Text Request