轻量级门户单点登录服务机制

罗辛; 吴晶; 熊璋; 蒲菊华

轻量级门户单点登录服务机制

北京航空航天大学计算机学院, 北京 100191

基金项目: "十一五"国家科技支撑计划重大项目(2006BAB04A13)

详细信息

中图分类号: TP 302.1
计量
- 文章访问数: 2948
- HTML全文浏览量: 194
- PDF下载量: 1011
- 被引次数: 0
出版历程
- 收稿日期: 2007-05-21
- 网络出版日期: 2008-06-30

Lightweight single sign-on service mechanism for portal

School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics, Beijing 100191, China

摘要

摘要: 信息门户的建设过程中需要容易实施且灵活高效的整合模式.为克服传统单点登录机制无法满足在动态松耦合环境下实现快速整合的缺陷,结合面向服务架构思想,提出一种轻量级门户单点登录服务机制(LSSO-Service,Lightweight Single Sign-on Service),可为门户整合提供结构简单、完善通用、松散耦合、快速机动的单点登录服务.LSSO-Service基于高于对象层的分布式服务集成模式进行功能划分,可实现采用不同技术的应用系统在门户中的快速动态整合.阐述了LSSO-Service的设计思想和工作原理,并通过在国内某大型水利信息门户中的应用实践,说明该研究结果对于门户建设具有较高的理论意义和参考价值.
- 单点登录 /
- 门户 /
- 轻量级 /
- 面向服务架构
Abstract: An integration framework with easy and efficient implementation is necessary in construction process of information portal. To overcome the limitation that traditional single sign-on mechanisms can-t achieve fast integration in dynamic and loose coupling environment, a novel lightweight single sign-on service mechanism for portal (LSSO-service) was proposed based on service oriented architecture. LSSO-service-s business logic functions were divided according to a distribute integration framework with services higher than object layer. By this means, the simple, adaptive, loose-coupled and flexible single sign-on service could work well, and those application systems based on different techniques might be quickly integrated into portal with a unique entry. The design idea and functional principle of LSSO-service were both presented. To validate the high significance and feasibility of the proposed approach, an integrated prototype was carried out.
- single sign-on (SSO) /
- portal /
- lightweight /
- service oriented architecture (SOA)

HTML全文

参考文献(1)

[1] Staff W. Enterprise information portals:What they are, why they-re important, and why you may need one[M].Waltham,Massachusetts:Unitas Corporation,2001:5 [2] Satoh F, Itoh T. Single sign on architecture with dynamic tokens 2004 Symposium on Applications and the Internet. Tokyo:IEEE Computer Society, 2004:197-200 [3] Pashalidis A, Mitchell C. A taxonomy of single sign-on systems Proceedings of 8th Australasian Conference on the Information Security and Privacy. Wollongong, Australia:Springer, 2003:249-264 [4] Pashalidis A, Mitchell C. Using GSM/UMTS for single sign-on[J]. Mobile Future and Symposium on Trends in Communications, 2003, 12:138-145 [5] Oppliger R. Microsoft .NET passport:a security analysis[J]. IEEE Computer Society, 2003, 36:29-25 [6] Kormann D P, Aviel D. Rubin, risks of the passport single sign-on protocol[J]. Computer Networks, 2000,33:33-51 [7] Beznosov K, Flinn D J, Kawamoto S.Introduction to Web service and their security[J]. Information Security Technical Report, 2005, 10:2-14 [8] Hodges J. Liberty architecture overview V1.1 . Yorba Linda, CA:Liberty Alliances, 2003. http://projectliberty.org/specs/ [9] Bayern S. CAS2.0:proxiable credentials service . New Haven:Yale University, 2004. http://www.yale.edu/tp/auth/cas20.html [10] Newcomer E, Lomow G. Understanding SOA with Web services[M].徐涵译.北京:电子工业出版社, 2006:313-347 Newcomer E, Lomow G. Understanding SOA with Web services[M]. Translated by Xu Han. Beijing:Publishing House of Electrics Industry, 2006:313-347(in Chinese) [11] William M, Corvine A, Ralf B, et al.Managing information access to an enterprise information system using J2EE and services oriented architecture[M]. Chantilly,Virginia:International Business Machines Corporation, 2005 [12] 吴晶,熊璋,朱成军,等.面向服务的企业门户架构及其实现的研究[J].计算机应用研究,2007,24(1):112-115 Wu Jing, Xiong Zhang, Zhu Chengjun, et al. Research on service oriented architecture for enterprise portal and its implementation[J]. Application Research of Computers, 2007,24(1):112-115(in Chinese)

施引文献

资源附件(0)

访问统计