Digital certificate and multilevel field based unified identification management and authentication method

Abstract

The invention discloses a unified identification management and authentication method based on digital certificates and multi-leveled domains. At first, user identification is maintained. User identification information is synchronized with the human resource system. User data information management is then completed by means of manual maintenance. User identification information is synchronized to the domain. By the standard LDAP agreement, user identification information is synchronized to the corresponding AD sub-domain according to the unit the information belongs to. Then user authentication is realized. The user can logon in two ways. First, when the computer of the user logons onto the AD domain, all the business systems can be visited without inputting the user name and password. Second, all the business systems can be visited after the user has input the user name and password for once. The invention avoids the possibility that user information does not agree or is not in time. Besides, single sign-on among all the business systems is realized, thus avoiding logon for twice or multiple times. Then technical and developing cost to realize single sign-on is reduced.

Description

technical field [0001] The invention belongs to the field of information security and authentication, in particular to a unified identity management and authentication method based on digital certificates and multi-level domains. Background technique [0002] With the continuous development and acceleration of information construction, business system construction has gradually been enriched in various business departments and daily work. Since these business systems are only oriented to their respective business departments, each business department has to maintain a set of independent user identity management and authentication; at the same time, in the actual business process, once the user's information changes, such as job changes, etc. , and related business systems need to be adjusted to adapt to this change. The direct problem brought about by this change is that user information and data are not timely and out of sync. In addition, with the continuous improvement o...

AI Technical Summary

Problems solved by technology

Since these business systems are only oriented to their respective business departments, each business department has to maintain a set of independent user identity management and authentication; at the same time, in the actual business process, once the user's information changes, such as job changes, etc. , and related business systems need to be adjusted to adapt to this change. The direct problem brought about by this change is that user information data is not timely and out of sync.

In addition, with the continuous improvement of business system construction, users use multiple business systems at the same time more and more frequently, and the authentication of each business system is independent of each other, and user passwords are not unified. Various user login names and passwords are used to log in, causing users to remember multiple user accounts and passwords, even including the corresponding access addresses of various business systems, which virtually increases the complexity of user business operations