软件应用中英文对照外文翻译文献.docx
- 文档编号:17078472
- 上传时间:2023-07-21
- 格式:DOCX
- 页数:30
- 大小:506.22KB
软件应用中英文对照外文翻译文献.docx
《软件应用中英文对照外文翻译文献.docx》由会员分享,可在线阅读,更多相关《软件应用中英文对照外文翻译文献.docx(30页珍藏版)》请在冰点文库上搜索。
软件应用中英文对照外文翻译文献
软件应用中英文对照外文翻译文献
(文档含英文原文和中文翻译)
原文:
TheDesignandImplementationofSingle
Sign-onBasedonHybridArchitecture
Abstract—ForthepurposeofsolvingtheproblemsofuserrepeatedlogonfromvariouskindsofApplicationwhichbasedonhybridarchitectureandindifferentdomains,singlesign-onarchitectureisproposed.Onthebasisofanalyzingtheadvantagesanddisadvantagesofexistingsinglesign-onmodels,combinedwiththekeytechnologylikeWebService,Appletandreverseproxy,twocoreproblemssuchassinglesign-onarchitecturemixB/SandC/Sstructureapplicationsandcross-domainsinglesign-onareresolved.Meanwhile,thesecurityandperformanceofthisarchitecturearewellprotectedsincethereverseproxyandrelatedencryptiontechnologyareadopted.Theresultsshowthatthisarchitectureishighperformanceanditiswidelyapplicable,anditwillbeappliedtopracticalapplicationsoon.
IndexTerms—singlesign-on,webservice,crossdomain,reverseproxy,B/S,C/S
INTRODUCTION
Withtheinformationsociety,peopleenjoytheprogressinthehugeinterests,butatthesametimealsofacedthetestofinformationsecurity.Withallsystemusersneedtologinthesystemincreased,usersneedtosetalotofusernamesandpasswords,whichareconfusedeasily,soitwillincreasethepossibilityoferror.Butmostusersusethesameusernameandpassword,thismakestheauthenticationinformationisillegallyinterceptedanddestroyedthepossibilityofincreased,andsecuritywillbereducedaccordingly.Formanagers,themoresystemsneedmorecorrespondinguserdatabasesanddatabaseprivileges,thesewillincreasemanagementcomplexity.Singlesign-onsystemisproposedasolutiontosolvetheproblem.Usingsinglesign-on,wecanestablishaunifiedidentityauthenticationsystemandaunifiedrightsmanagementsystem.Itnotonlyimprovesystemefficiencyandsafety,butalsocanuseuser-friendlyandtoreducetheburdenonadministrators.
TABLE1Thecomparisonofavarietyofsinglesign-ontoachievemodels
SSOAchieve-
Actionability
Manageability
Model
BrokerModel
Thelarge
Enablecentralized
transformationofthe
management
oldsystem
AgentModel
Needtoaddanew
Managementmore
agentforeachofthe
difficulttocontrol
oldsystem,
transplantationis
Agentand
relativelysimple
Transplantation
Enablecentralized
BrokerModel
simple,
management
transformationofthe
oldsystemwith
limitedcapacity
GatewayModel
Needtousea
Easytomanage,but
dedicatedgatewayto
databasesbetweenthe
accessvarious
differentgatewaysneed
applications
tobesynchronized
TokenModel
Implementationof
Needtoaddnew
relativelysimple
componentsand
increasethe
managementburden
Singlesign-onreferstowhentheuserneedstoaccessadistributedenvironmentwhichhasdifferentapplicationstoprovidetheservice,onlysignononceintheenvironment,noneedfortheusertore-signonthevariousapplicationsystems[1].NowtherearemanyproductsandsolutionstoimplementSSO,suchasPassportofMicrosoft,IBMWebSpherePortalServeralthoughtheseSSOproductscoulddowellinthefunctionofsinglesign-on,butmostofthemarecomplexandinflexible.Currently,thetypicalmodelstoachieveSSOincludebrokermodel,agentmodel,agentandbrokermodel,gatewaymodelandtokenmodel[2].Intable1,itanalysesthesemodelscanbeimplementedandmanageability.Basedontheabovecomparison,agentandbrokermodelhastheadvantagesbothcentralizedmanagementandrevisedlessoriginalapplicationserviceprocedure.SoIdecidetoadoptagentandbrokermodelasthebasisforthismodel.InordertointegrateinformationandapplicationswellandwiththeB/Smodein-depthapplicationsoftware,therehasbeentheconceptofenterpriseportal,offerabestwaytosolvethisproblem.Enterpriseportalprovidesbusinessusersaccessinformationandapplications,andcompleteorassistinavarietyofinteractivebehaviorofasingleintegratedaccesspoint.Theappropriatesystemsoftwareportalprovidesadevelopment,deploymentandmanagementofportalapplicationsservices.Enterpriseinformationportalconcernsportal,contentmanagement,dataintegration,singlesign-on,andmuchothercontent.
SYSTEMCONSTRUCTIONWHICHREGISTERSBASEDONTHEWEBSERVICEMIXCONSTRUCTIONSINGLESIGN-ON
Thesystemconsistsofmultipletrustdomains.EachtrustdomainhasmuchB/Sarchitectureoftheapplicationservers;inadditiontoB/SarchitectureoftheapplicationserversalsoincludedC/Sarchitectureapplicationservers.Alltheapplicationsareboundtogetherthroughaunifiedportaltoachievefunctionalityofsinglesign-on.Youcanseethatthisarchitectureisbasedontheagentandthebrokermodel.Aunifiedagentportalisplayingabrokerrole,andvariousapplicationsareplayinganagentrole.TheB/SarchitectureapplicationsareinstalledontheClientsideofSSOAgent,andtheunifiedportalisinstalledontheServersideofSSOAgent.BetweenthemisthroughthesetwoAgentstointeract.Inaddition,inFig1,theexternalprovisionofauthenticationserverisLDAPauthenticationinterface.TokenauthenticationWebServiceserverprovidestheinterfacesofsinglesign-ontokenoftheadditions,deletions,editionsandqueries.ButthepermissionWebServiceserverprovidestheappropriateauthorityinformationsystem,toachieveunifiedmanagementauthorityforaccessingunifiedportalapplicationsystem.
Thesystemsupportscross-domainaccess,thatis,thedomainD1userscanaccesstheapplicationdomainD2,andthedomainD2userscanaccesstheapplicationdomainD1.Atthesametime,thesystemalsosupportstheapplicationofdifferentstructuresbetweenthesinglesign-on,thatis,userafteraccessingtheapplicationAoftheB/SstructureaccesstheapplicationEofC/Sstructurewithouthavingtorepeatedlyenterusernameandpassword,oruseraccesstheapplicationAaftertheapplicationEwithoutre-enterlogininformation.
ThewholestructureofSingleSign-onisasFig1shown.
Figure1:
TheStructureofSingleSign-on
A.Theloginprocess
Thewholesinglesign-onprocessisasFig2shown:
Belowistheprocessspecificstepsdescription:
1)UserloginintheclientbrowsertoaccessAapplication,SSOClientofAsysteminterceptandredirecttheURLtothelandingpageofUnifiedPortalSystem
2)Entertheusernameandpassword,UnifiedPortalSystemsubmitstotheauthenticationserverforauthentication.Iftheinformationiscorrect,UnifiedPortalSystemautomaticallygenerates,savesnotesandtheroleoftheuserIDtoalocal,andcallstheincreate-noteinterfaceofWebServicetoinserttheinformation.
3)UnifiedPortalSystemreturnsalistofapplicationresourcespagestotheuser.Theuserclicksanyoneapplicationsystem(e.g.Asystem).TheSSOClient-sideofAapplicationsystemreadthenotesinformationandcallthequery-notesinterfaceofWebService.Ifitisconsistentandwithinthetimelimit,itwillgettheroleinformationoftheuserinAapplicationsystemandloginAapplicationsystem.Atthesametime,itwillcalltheupdate-noteinterfaceofNoteCertificationWebServicetoupdatethelog-intimeofthiscurrentnote.ThencalltheinterfaceofuserrightsWebServicetogetthisuser’spermissioninformationwithcorrespondingapplicationsystem.
4)IfuserendtoaccessAapplicationsystem,exitandclickonthelinkofBapplicationsystem,systemimplementationswillbeareasthesameassteps(3).
5)Ifusercompletealltherequiredaccess-applicationsandneedtodothelog-offoperation,itwillmainlycallthedeletion-noteinterfacetodestroythecorrespondingnoteinformation.
Figure2:
ThewholeprocessofSingleSign-on
B.ThesolutionofCross-domainproblems
Inthetraditionalimplementationofsinglesign-onsystemwillbegenerallyusedcookieasstorageofclient-sidenotes,butbecauseofrestrictionsoncookieitselfpropertiesmakeitonlyonthehostunderthesamedomaineffective,anddistributedapplicationsystemalwayscannotguaranteethatallhostsunderthesamedomain.Thecurrentsystemdoesnotstorethenoteinformationintheclient-sidebutplacedvariousapplicationparametersofthelinkdirectly.Thenote-verificationisthroughtheapplicationoftheSSOClient-sidecalltothecorrespondinginterfaceofWebServicetocomplete.
ThroughtheSimpleObjectAccessProtocol(SOAP)toprovidesoftwareserviceintheWeb,useWSDLfiletoilluminateandregisterbyUDDI[3].ShowninFig3,aftertheuserthroughtheapplicationofUDDItofindaWSDLdescriptionofthedocument,hecancalltheapplicationwhichthroughSOAPtoprovidebyoneormoreoperationsofWebservices.ThebiggestcharacteristicofWebServiceisitscross-platform,whetheritistheapplicationofB/SstructureorC/Sstructure,whetheritistheapplicationusingJ2EEor.NETtoimplement,itcanaccessWebServiceaslongastogiveWebServiceserver'sI:
Pandinterfacename.
Thefollowingisthissystemprocessofachievingcross-domainaccess:
1)UserloginUnifiedPortalsystemsuccessfully.
2)UseraccessesAapplicationsystemwithinthetrusteddomainD1,completetheaccessandthenexitthisapplication.
3)UserclickstheURLofBapplicationsystemwithintrusteddomainD2oftheresourceslistofUnifiedPortal.
4)SSOClientofBapplicationinterceptstherequest,getsthenotebehindURL,andcallsthequery-noteinterfaceofWebService.
5)QueryinterfaceofWebServicegetsbackthelegalinformationofthisnotetotheSSOCl
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 软件 应用 中英文 对照 外文 翻译 文献