【摘要】： 隨著信息技術(shù)和網(wǎng)絡(luò)技術(shù)的迅速發(fā)展,企業(yè)內(nèi)部的應(yīng)用系統(tǒng)越來越多。比如在媒體行業(yè),常見的應(yīng)用系統(tǒng)就有采編系統(tǒng)、排版系統(tǒng)、印刷系統(tǒng)、廣告管理系統(tǒng)、財務(wù)系統(tǒng)、辦公自動化系統(tǒng)、決策支持系統(tǒng)、客戶關(guān)系管理系統(tǒng)和網(wǎng)站發(fā)布系統(tǒng)等。由于這些系統(tǒng)互相獨立,用戶在使用每個應(yīng)用系統(tǒng)之前都必須按照相應(yīng)的系統(tǒng)身份進行登錄,為此用戶必須記住每一個系統(tǒng)的用戶名和密碼,這給用戶帶來了不少麻煩。特別是隨著系統(tǒng)的增多,出錯的可能性就會增加,受到非法截獲和破壞的可能性也會增大,安全性就會相應(yīng)降低。針對于這種情況,統(tǒng)一身份認證、單點登錄等概念應(yīng)運而生,同時不斷地被應(yīng)用到企業(yè)應(yīng)用系統(tǒng)中。 針對電子政務(wù)網(wǎng)絡(luò)中應(yīng)用系統(tǒng)繁多,應(yīng)用系統(tǒng)中的用戶和權(quán)限管理混亂、管理維護復(fù)雜等情況,需要建立一個將多個應(yīng)用系統(tǒng)整合在一起的統(tǒng)一權(quán)限管理平臺,以實現(xiàn)電子政務(wù)網(wǎng)絡(luò)應(yīng)用系統(tǒng)中用戶和權(quán)限的統(tǒng)一管理。為了保證授權(quán)服務(wù)平臺的安全和數(shù)據(jù)的權(quán)威可靠,需要嚴格限制每個用戶的權(quán)限作用域,防止用戶越權(quán)訪問,這就對授權(quán)服務(wù)平臺的訪問控制機制提出了很高的要求。 本文根據(jù)電子政務(wù)網(wǎng)絡(luò)的實際情況以及授權(quán)服務(wù)平臺對訪問控制的實際需求,研究開發(fā)了統(tǒng)一權(quán)限管理系統(tǒng),并實現(xiàn)了該系統(tǒng)的單點登錄。具體的,本文進行了如下工作: 1)分析研究了現(xiàn)有的權(quán)限管理方案,并對各種方案進行了相關(guān)的比較和總結(jié)。 2)介紹了本文的兩個重要的理論背景:身份認證和統(tǒng)一權(quán)限管理。并介紹了研發(fā)統(tǒng)一權(quán)限管理系統(tǒng)中要使用的幾種技術(shù):J2EE技術(shù)、Web Service、XML存儲和AjaX技術(shù)。 3)從需求分析和應(yīng)用場景分析兩方面闡述研發(fā)統(tǒng)一權(quán)限管理系統(tǒng)的重要性和必要性。 4)詳細設(shè)計開發(fā)統(tǒng)一權(quán)限管理系統(tǒng),具體包括:系統(tǒng)整體設(shè)計、系統(tǒng)功能描述、門戶設(shè)計、接口設(shè)計和數(shù)據(jù)庫設(shè)計。
[Abstract]:With the rapid development of information technology and network technology, there are more and more application systems in enterprises. For example, in the media industry, common application systems include editing system, typesetting system, printing system, advertising management system, financial system, office automation system, decision support system, customer relationship management system and website publishing system. Because these systems are independent of each other, users must log in according to the corresponding system identity before using each application system. Therefore, users must remember the user name and password of each system, which brings a lot of trouble to users. Especially, with the increase of the system, the possibility of error will increase, the possibility of illegal interception and destruction will increase, and the security will be reduced accordingly. In view of this situation, the concepts of unified identity authentication and single sign-on emerge as the times require, and are continuously applied to enterprise application systems. In view of the various application systems in the E-government network, the confusion of user and privilege management in the application system, and the complexity of management and maintenance, it is necessary to establish a unified privilege management platform that integrates multiple application systems together. In order to realize the unified management of users and permissions in the network application system of e-government. In order to ensure the security of the authorization service platform and the authority of the data, it is necessary to strictly limit the scope of each user's permission to prevent the user from accessing the authorization service platform, which puts forward a very high requirement for the access control mechanism of the authorization service platform. According to the actual situation of the E-government network and the actual demand of the authorization service platform for access control, the unified privilege management system is developed in this paper, and the single sign-on of the system is realized. The main work of this paper is as follows: 1) the existing privilege management schemes are analyzed and compared with each other. 2) this paper introduces two important theoretical backgrounds: identity authentication and unified authority management. Several technologies used in the research and development of unified privilege management system are introduced: J2EE technology, Web Service,XML storage technology and AjaX technology. 3) the importance and necessity of developing unified authority management system are expounded from two aspects: requirement analysis and application scenario analysis. 4) the unified authority management system is designed and developed in detail, including: the whole system design, the system function description, the portal design, the interface design and the database design.
【學(xué)位授予單位】：武漢理工大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2009
【分類號】：TP311.52

【引證文獻】

相關(guān)碩士學(xué)位論文 前2條

1 陳湘群;B/S信息系統(tǒng)中的訪問控制的實現(xiàn)與應(yīng)用[D];電子科技大學(xué);2011年

2 沈靖;企業(yè)信息處理中心在涉密環(huán)境中的研究與設(shè)計[D];上海交通大學(xué);2013年

，

本文編號：2408237