dc.description.abstract | With the trend of increasing use of information technology by enterprises and government agencies, the number of information systems within each organization has also increased because the time constructing the systems and their platforms are usually different. Each information system also generally has its own authentication and account number database. Under such circumstances, a user must login each system individually before using the systems. In addition, if a user’’s accounts or passwords are different across the systems, the user has to remember them all. These will cause great inconvenience to users. From system management, the mandate rule of each system is all stored in its own databases and the system administrator must maintain the mandate rule of each system. So, disperse in the authentication modules of the systems and account databases will cause a lot of inconvenience to users and the administrator. The goal of the Single Sign-On Services technology is to resolve the above issues. Smart Card authentication and encryption and decryption functions, authentication and digital signature, the existing media credentials are devices and technologies for the development of the Single Sign-On services.
Because the prices of Flash and Smart Card are high, making most businesses or government agencies unwilling to consider the Single Sign-On service. Further, users have become accustomed to using the account and password login, making the users resist the new technology of authentication. This study describes a case of developing a Single Sign-On mechanism and check its capability in resolving the problem of multiple logins. The use of the directory integration technology is more than integrating all the account information into a single directory service database. Mapped through a single account to the Single Sign-On mechanism, a user only needs to set a certificate (for example, Smart Card) login and then access all the back-end information systems..
In sum, the focuses of this paper include authentication data, Single Sign-On system and back-end systems integration of information systems, and finally Single Sign-On information system that can be derived after being imported, directly or indirectly, for analyzing the effectiveness of of the technology. Discussions and recommendations for constructing such a system are provided..
| en_US |