【作者】 丁迪；

【导师】 陈氢；

【作者基本信息】 湖北工业大学 ， 计算机应用技术， 2010， 硕士

【摘要】 随着信息系统的发展,电子商务对传统的企业信息系统带来了一定的冲击,电子商务环境下企业信息门户概念的提出以及发展则预示着电子商务发展的新方向。本文从信息门户的产生、国内外研究现状、现有信息门户的不足以及未来发展方向等方面对企业信息门户进行了深入的研究和分析。而对于目前庞大的企业信息门户系统,信息安全越来越受到重视,用户的身份验证无疑是信息安全第一个环节,其重要性也是无容置疑的。本文在分析了国内、外各种单点登录系统的实现模型及其优缺点的基础上,综述了电子商务信息安全的基本含义,对企业信息门户信息安全的性能、技术风险、技术等方面进行了详细的分析。提出了如何避免这些安全风险的相关技术。最后设计了一套适用于多种企业应用的单点登录系统模型。分析了基于SSL安全链路的单点登录的设计和实现,包括单点登录系统的整体结构的设计、基于数字证书的身份认证、可信任的第三方认证机构的设计、安全链路的通信协议设计和实现,最后在以上各点的基础上进行整合最终实现单点登录。详细论述了系统各个功能模块所采用的设计思想和具体技术并对此系统的具体框架和业务流程进行了介绍,同时,列举了具有代表性模块的具体设计。本文在最后对此系统的各个模块以及功能进行了综合性分析,指出了该系统的优缺点并提出了改进的思想以及今后的研究方向。更多还原

【Abstract】 Along with information system’s development, the E-business brings impact to traditional enterprise information system, the EIP concept’s statement and develops symbolizes the electronic commerce development new direction. This article from EIP aspects and so on production, domestic and foreign research present situation, EIP is insufficiency as well as future development direction has conducted the thorough research and the analysis to the EIP.As for the huge enterprise information portal system, information security is receiving increasing attention, the user authentication information security is undoubtedly the first link.based on the analysis of domestic and foreign various single sign-on system implementation model and its advantages and disadvantages, based on an overview of the basic meaning of information security, e-commerce, enterprise information portal for information security, performance, technology risk, technology and other aspects of a detailed analysis. The question of how to avoid these security risks related technologies.The final design set has been suitable in many kinds of enterprise application simple point registers the system model. SSL-based security analysis of the single sign-on link the design and implementation, including SSO system, the overall structure of the design, based on the digital certificate authentication, a trusted third-party certification body design, secure communication protocol link design and implementation, and finally on the basis of the above points to integrate the eventual realization of SSO. Discussed in detail the various functional modules of the system used in the design idea and the specific technologies and specific framework for this system and business processes were introduced at the same time, citing a representative of the specific design of the module.This article has carried on the comprehensive analysis in finally regarding the systematic each module as well as the function. Put forward ideas for improvement and future research directions.更多还原