Study And Implementation Of Unified Authentication And Authorization Management Platform

With the development of information technology， the enterprise internalapplication system is getting more and more. Because these systems are mutuallyindependent，the user must defer to the corresponding system status to carry onregisters before using each application system， for this reason the user mustremember each system’s user name and the password，this has brought many troublesto the user. Specially along with system’s increase，the possibility which will make amistake will increase，receives the illegal interception and the destruction possibilitywill also increase，the security will correspondingly reduce.In this context， the4A is applied to the HNMCC. It is a centralized securitymanagement tool， including Account management，Authentication management，Authorization management and Audit management. It can improve the security levelfrom a global perspective. Because the Authorization management is the core of4Acomponents， this paper will focus on the design and implementation of Authorizationmanagement.By analysis of the4A and the requirement about its privilege control andmanagement，the role-based User privilege management system is introduced. Theconcept and relation of users，roles and function items are talked. The system ispowerful and easy to learn and use. And the application of the system gives theapplication system a strong support on its security aspect.In this paper，telecom operators network in accordance with the actual situation，as well as authorized service platform for access control the actual needs of theresearch and development of a unified rights management system and implementationof the system single-point sign. Specific job in this article is as follows:1) Analysis and comparison of the existing rights management programs aremade， and then comes a conclusion.2) This article describes two important theoretical background: a unified identityauthentieation and rights management, and introduces the unified rights managementsystem to be used in several technologies including J2EE，Web service and XML.3) application scene Analysis the importance and necessity of unified rightsmanagement system from two aspect including requirement and application..4) Detailed design development of a unified rights management system， including: overall system design，system function description，the portal design，database design and interface design.