| With the continuous development of information technology in enterprises, moreand more application systems are built for business. Usually, users have to login everysystem for authentication. And it reduces the efficiency severely and also brings a lot ofsecurity risks. This paper presents a Single Sign-On Authentication Model, which cansimplify the process of using the resources of systems and improve the whole security.Firstly, the paper analyzes several common models of Single Sign-On, as well asthe mechanism of authentication and the access control technology. According to therequirements of enterprises, a Single Sign-On Authentication model which based onPKI/PMI is proposed. With the mechanism of Kerberos, the model has widerapplicability. Then the paper shows an overall design, analyzes the structure of thesystem and describes the functions and workflows of the modules. The centralauthentication server is designed in detail, which is described formally by the BANlogic to analyze the security.Finally, combined with CSIC OA System, the model is implemented by J2EEplatform in this paper. Meanwhile, the tests on the functions and response efficiency aremade for verification. The test results show that the model achieves the desired goals.And it has also been in use practically. |
PDF Full Text Request