节点文献
统一身份认证系统
【作者】 郑少鹏;
【导师】 杨文伟;
【作者基本信息】 广东工业大学 , 计算机应用技术, 2003, 硕士
【摘要】 随着校园网的逐步建设完善,各种基于网络的应用广泛的应用于校园的教学管理中.各种应用系统独立认证的弊端使校园网络使用的集中管理难以实现,因此,建立一个统一认证系统,对网络用户实行统一管理、统一认证和统一授权是校园网信息安全体系建设中的一个重要步骤。 现有的统一认证系统利用目录服务部分的解决了统一认证的问题,但是,由于其基于传统C/S模式的特点,在应用集成上存在不足。随着Web Service技术的发展和日渐广泛的应用,其高度集成性、松散耦合和实现简单等特点使其在应用集成上发挥着重要的作用。运用SOAP,可以很简单的实现对于Web服务的远程调用。所以,轻量目录访问协议和SOAP为实现一个易于集成的统一认证系统提供了良好的支持。 本文提出了一个基于轻量目录访问协议和SOAP的统一认证实现框架,利用目录技术实现了对网络用户和网络应用的统一管理;利用SOAP将认证服务封装为一个Web服务,使应用系统可以方便的实现远程调用,同时,提供了对WebService实现框架的支持。设计中,利用XML和SOAP完成异构数据库之间的数据交换,实现了用户信息的集中管理。系统的各个层次相对独立,保证了系统的松散耦合,同时,系统易于集成,新的应用系统可以不带自己用户系统依靠统一认证系统实现对用户的认证和授权,降低了开发难度。随着统一身份认证系统的逐步完善,将在校园网的信息安全体系中发挥重要的作用,使网络管理更加简单有效。
【Abstract】 With gradual construction of campus network being perfect, various kinds of network_ Based application extensive to apply to the teaching management of campus. But, due to the drawbacks of different systems independent authentication of application, the centralized management of using campus network is difficult to realize. So, setting up a unified authentication system, which is used to manage to the network user in unison, unifying authentication and authorize in unison, is an important measure in the information safe system construction of campus network.Existing unified authentication that system utilizes directory service partly solves the problem of unified authentication .However, for its C/S mode based; the system is1 insufficiently in using and integrates. With development of Web Service technology and day by day extensive application, its height person who integrate, loose coupling and realize getting simple characteristic makes it play a important role in using integrating. Use SOAP, we can transfer those long-distance Web services very easily. So Lightweight Directory Access Protocol and SOAP offer good support for realizing an integration unified authentication system.This paper proposes a realized unified authentication frames on the basis of LDAP and SOAP, which utilizes technology of the catalogue to realize the unified management to the network user and network application; and encapsulates authentication serve on a Web service with SOAP, So, many application systems can convenient realization long-distance transfer.; Besides, offers to Web Service’s support of realizing the frame. The designed system completes data exchange between difference construct databases with XML and SOAP technologies, and realizes the centralized management of user’s information. Each tie of the system is relatively independent, which guarantees the loose coupling of the system, In additional, the system can be integrated easily. So, new application system need not rely on it’s own authentication system but unified authentication to complete the authentication and authorization of users, and reduces the degree of difficulty of system developing. With the unify identity authentication system being gradual and perfect, it will play an important role among the information safe system of campus network, and network management will be simpler and effective.
【Key words】 Unify Identity Authentication; LDAP; SOAP; Information Security; User Management;
- 【网络出版投稿人】 广东工业大学 【网络出版年期】2003年 02期
- 【分类号】TP391.4
- 【被引频次】14
- 【下载频次】398