Research And Implementation Of The Cross Network Uniform Identity Authentication Based On Virtual Desktop

With the development of network and information technology,more and more companies increase investment to enhance the interoperability and data exchange between external servers and internal network and systems by network integration.It can bring great convenience for social production and living but,at the same time,it leave behind a new network security issue.Athentication as one of important mechanisms for performing a network security often used to the network integration projects.Our system using uniform identity authentication(UIA)and single sign on(SSO)mechanism,allows all users in teaching network access internal resources through virtual desktop from Internet only need once identity authenticating.In order to protect internal resources,virtual desktop always deployed in an independent and controlled network,so that we have to utilize network address translation(NAT)technology to across it.Specifically,this paper takes advantage of Kerberos protocol and Lightweight Directory Access Protocol(LDAP)designs and realizes UIA and SSO which base on virtual desktop environment,achieves three tasks below:First of all,we technically demonstrated the feasibility about two network integration,and realized a UIA platform which based on virtual desktop environment;second,we set up virtual desktop system on KVM virtualization platform,and allowed users sign in the virtual desktop on Internet accessing internal resources in teaching network through our scheme which based on the shared secret protocol;third,we improved SSO platform which base Kerberos protocol and LDAP,joined Meap and VPN technologies,which made the system can be applied to more kinds of enterprise requirement.Compare with traditional uniform identity authentication system(UIAS),this system has a loose coupling architecture and high scalability,so that it can dynamic deploying and loading virtual desktop operating system in an easy way.Meanwhile,this system combined VDI with IAAS,and started a new cloud computing field : Desktop as a Service(DAAS).