| ASP平台安全认证技术的研究与实现 |
| |
| 引用本文: | 袁晓舟,范菲雅,马登哲.ASP平台安全认证技术的研究与实现[J].计算机集成制造系统,2005,11(12):1738-1742. |
| |
| 作者姓名: | 袁晓舟 范菲雅 马登哲 |
| |
| 作者单位: | 上海交通大学,计算机集成制造研究所,上海,200030;上海交通大学,计算机集成制造研究所,上海,200030;上海交通大学,计算机集成制造研究所,上海,200030 |
| |
| 基金项目: | 国家863/CIMS主题资助项目(2003AA414012)~~ |
| |
| 摘 要: | 为满足应用服务提供商平台集成多种异构应用系统的实际需求,提出了一种采用统一安全认证技术进行轻量级应用集成的解决方案。该方案采用目录服务数据库,统一存储用户身份和权限信息,使用会话令牌保证用户身份的持久有效性,通过策略代理保护应用服务资源的安全,并对用户的访问进行统一授权和控制。为实现用户在平台和应用系统之间的单点登录,提出了令牌和代理相结合进行身份信息传递与验证的实现方案,尤其是解决了跨域单点登录的难题。该方案已成功应用于上海电信理想商务应用服务提供商平台。
|
| 关 键 词: | 应用服务提供商 认证 授权 单点登录 访问控制 目录服务数据库 |
| 文章编号: | 1006-5911(2005)12-1738-05 |
| 修稿时间: | 2004年10月14 |
Research and implementation of security authentication technology on ASP platform |
| |
| YUAN Xiao-zhou,FAN Fei-ya,MA Deng-zhe.Research and implementation of security authentication technology on ASP platform[J].Computer Integrated Manufacturing Systems,2005,11(12):1738-1742. |
| |
| Authors: | YUAN Xiao-zhou FAN Fei-ya MA Deng-zhe |
| |
| Abstract: | To satisfy requirements from Application Service Providers'(ASPs) on integrating different application systems into ASP platform,a light-weighted integration method was brought forward based on the unified security authentication technology.According to the method,all users' identification and authorization information were stored in a Light-weight Directory Access Protocol(LDAP) based directory database,tokens were set to keep user session's validity,policy agents were installed to protect all the application resources,and user's access to these resources were granted and controlled centrally.Combining the use of tokens and policy agents,the problem of Single Sign On(SSO) among platforms and applications,especially SSO among cross-domains,could be solved.Finally,this method has been successfully implemented in,"Shanghai Telecom Ideal Biz ASP Platform" Project. |
| |
| Keywords: | application service provider authentication authorization single sign on access control directory database |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
