The Cross-domain Authentication System In The Application Of Weblib Cloud Storage System On The Basis Of Shibboleth

With the rapid development of information technology and the coming of the era of big data,data and information become an invisible precious resource in today's society.These resources may deploy in different institutions,such as: enterprise,hospital,school,only internal personnel have access to these resources,external personnel have no access,the system is in the state of information isolated island,resources value could not be fully play.With increasing in the number of resources and the role of increasingly significant,open sharing of cross-domain resources also becomes more and more urgent.Resource sharing between each of the system that the system structure is complex,and have the custom of separate identity authentication and authorization of access control mechanism,which makes it difficult to make applications compatible,in this context,cross-domain authentication and authorization management has become an important problem to solve.In this paper,the existing of cross-domain authentication technology has carried on the investigation and analysis,this paper proposes a federated cross-domain authentication mechanism.According to the research status of resource access control technology,this system makes the improvement for the RBAC permission management,which can realize the inheritance of the permission management and permission on the basis of user group.In the user information management,on the basis of Grouper,the middleware introduces the user group concept,so that the relationship among the users becomes clearer,which lets the managers have the convenient management for the users.Summarizes the improved scheme,this paper designs a set of cross-domain authentication system base on the Shibboleth,which can resolve the problems of user identity authentication and access resource control of the sharing resources,moreover,it realizes the cross-domain access of Weblib cloud storage resources.This paper focuses on realizing the functions of identity authentication and access control of the cross-domain resources access,by establishing the mutual and credible Federal Authentication Mechanism.on the basis of Shibboleth frame,this paper designs the credible federal model,according to the original authentication method and user data characteristics of the different resource system,this paper designs and realizes the authentication method of the identity authentication end.and this paper also introduces the optimal user group management of Grouper middleware.this paper aims at the cross-domain resources access control to make the permission management strategy on the basis of user property,so as to realize the security of resource sharing.after carrying out the functional test for the whole system,it makes the analysis for the test result,which verifies the correctness of the system design and the feasibility of the scheme in this paper.