摘要
运用统一认证和RBAC模型等原理,结合Web服务技术,提出了一种统一的身份认证和授权服务接口规范,并在企业应用系统中进行了试用。试用表明,该授权方法与接口规范能实现各应用系统间的一次登录、统一认证、统一权限管理,但单点登录和审计方面的功能还需进一步完善。
Using the theory of unified authentication and RBAC model and combining with the Web service technology,presents a unified identity authentication and authorization service interface specification,and gives it on trial in the enterprise application system.It shows that the authorization method and interface specification achieve a login,unified authentication and unified rights management between each application system,but the single sign-on and audit functions need to be further improved.
出处
《湖南工业大学学报》
2012年第4期88-91,共4页
Journal of Hunan University of Technology
基金
国家住建部基金资助项目(2010FJ3041)
湖南省自然科学基金资助重点项目(12JJ2036)
关键词
RBAC
WEB服务
统一认证
服务接口
授权
RBAC
Web services
unified authentication
service interface
authorization
