第1个回答 2009-04-28
Single Sign - on
SSO (single sign-on) is a security solution, but also increase system availability solutions. Single Sign-gestation due to the current computer applications, for so many applications, it is generally have too much identification information (user name), as well as too many authentication information (password).
Single Sign-existence is not based on the level of security reasons, but because the user's behavior, have to make the existence of single sign. If for each application or database, the user identification information are different, different password, the user must have excellent memory to remember so many identification information and password. User Management so many user name and password the only way is to these user names and passwords written on a piece of paper, which although the user name and password on their own head to be much easier, but greatly increased the safety risk.
A solution to this problem is to put all the user name and (or) password are set to the same. While this can be solved need to remember many user names and passwords of the problem, but it reduced the availability of the computer environment. Again and again to enter a user name and password is a very boring task, especially when the need to enter contains a lot of letters, numbers, the high-intensity identifier code, the situation even more so.
Therefore, as its name implies, single sign-computing environment will allow more available. In other words, users need only a certification of their own, regardless of how many times they need to access applications. This can also maintain good security, because the user only the only user name and password. Password management is also very simple, because the password needs to be changed only once, regardless of the number of applications.
There are many ways to achieve single sign-on, based on user identification information provided by the different, the methods are very different, and used to complete this task single sign method also varies. At present, the most widely used is Kerberos, DCE and PKI based on the program. SSO is to ensure that the essence of consistency, regardless of how achieved, the purpose of an application is in another application and dissemination of security between the user's identification information, which does not allow users to worry about every time. When used correctly, the single sign can enhance the availability, it is safe solutions.
SSO is not the lack of challenges. When I try different combinations to provide a platform for businesses and products, it can be faced with the realization of practical single sign this challenge. The use of established facts or industry standards, such as Kerberos and PKI, will help solve the interoperability problem.
When users log on to their single sign-environment, and to leave in order to leave open the terminal and when certified, will have single sign-security risks. At this point, if there is a malicious user or curious colleagues decided to open, and has been certified into a terminal, it is probably a disaster. Their application is not just a mandate, but all applications have been authorized.
There are several ways to address these problems: First of all, users should leave the computer system in the pre-conscious to lock the computer; Secondly, the computer should be set to idle after a period of time can be automatically locked; Finally, the single sign of the service allows non-active overtime to withdraw from the dialogue. The use of the above three methods, provided a defense-in-depth protection to ensure that security risks do not really have a real security incidents.
And authentication of users is equally important is to allow users the ability to withdraw from the certification. In order to ensure that other users can not enter the idle computer has passed certification and re-certified by the conversation, to give users the ability to log off the system is also very important. Users have been sent to monitor the single sign-system environment is simple, effective way to ensure that the deployment of single sign program will not be those who have not authorized visitors, or data thieves use spoilers.
For data thieves, the focus on the single sign-services will be their top priority goals. If the single sign-services stolen or leaked, then the hacker could access on the user's a mass of sensitive and valuable information. To ensure effective and successful deployment of Single Sign-a critical factor in the protection of services, as well as access to internal services and to meet the demand for high-performance.
第2个回答 2009-04-28
Single Sign -
SSO (single sign-on) is a security solution, but also increase system availability solutions. Single Sign-gestation due to the current computer applications, for so many applications, it is generally have too much identification information (user name), as well as too many authentication information (password).
Single Sign-existence is not based on the level of security reasons, but because the user's behavior, have to make the existence of single sign. If for each application or database, the user identification information are different, different password, the user must have excellent memory to remember so many identification information and password. User Management so many user name and password the only way is to these user names and passwords written on a piece of paper, which although the user name and password on their own head to be much easier, but greatly increased the safety risk.
A solution to this problem is to put all the user name and (or) password are set to the same. While this can be solved need to remember many user names and passwords of the problem, but it reduced the availability of the computer environment. Again and again to enter a user name and password is a very boring task, especially when the need to enter contains a lot of letters, numbers, the high-intensity identifier code, the situation even more so.
Therefore, as its name implies, single sign-computing environment will allow more available. In other words, users need only a certification of their own, regardless of how many times they need to access applications. This can also maintain good security, because the user only the only user name and password. Password management is also very simple, because the password needs to be changed only once, regardless of the number of applications.
There are many ways to achieve single sign-on, based on user identification information provided by the different, the methods are very different, and used to complete this task single sign method also varies. At present, the most widely used is Kerberos, DCE and PKI based on the program. SSO is to ensure that the essence of consistency, regardless of how achieved, the purpose of an application is in another application and dissemination of security between the user's identification information, which does not allow users to worry about every time. When used correctly, the single sign can enhance the availability, it is safe solutions.
SSO is not the lack of challenges. When I try different combinations to provide a platform for businesses and products, it can be faced with the realization of practical single sign this challenge. The use of established facts or industry standards, such as Kerberos and PKI, will help solve the interoperability problem.
When users log on to their single sign-environment, and to leave in order to leave open the terminal and when certified, will have single sign-security risks. At this point, if there is a malicious user or curious colleagues decided to open, and has been certified into a terminal, it is probably a disaster. Their application is not just a mandate, but all applications have been authorized.
There are several ways to address these problems: First of all, users should leave the computer system in the pre-conscious to lock the computer; Secondly, the computer should be set to idle after a period of time can be automatically locked; Finally, the single sign of the service allows non-active overtime to withdraw from the dialogue. The use of the above three methods, provided a defense-in-depth protection to ensure that security risks do not really have a real security incidents.
And authentication of users is equally important is to allow users the ability to withdraw from the certification. In order to ensure that other users can not enter the idle computer has passed certification and re-certified by the conversation, to give users the ability to log off the system is also very important. Users have been sent to monitor the single sign-system environment is simple, effective way to ensure that the deployment of single sign program will not be those who have not authorized visitors, or data thieves use spoilers.
For data thieves, the focus on the single sign-services will be their top priority goals. If the single sign-services stolen or leaked, then the hacker could access on the user's a mass of sensitive and valuable information. To ensure effective and successful deployment of Single Sign-a critical factor in the protection of services, as well as access to internal services and to meet the demand for high-performance
第3个回答 2009-04-28
single sign-on
SSO (single sign-on) is a security solution, but also increase system availability solutions. Single Sign-gestation due to the current computer applications, for so many applications, it is generally have too much identification information (user name), as well as too many authentication information (password).
Single Sign-existence is not based on the level of security reasons, but because the user's behavior, have to make the existence of single sign. If for each application or database, the user identification information are different, different password, the user must have excellent memory to remember so many identification information and password.User Management so many user name and password the only way is to these user names and passwords written on a piece of paper, which although the user name and password on their own head to be much easier, but greatly increased the safety risk.
A solution to this problem is to put all the user name and (or) password are set to the same. While this can be solved need to remember many user names and passwords of the problem, but it reduced the availability of the computer environment.Again and again to enter a user name and password is a very boring task, especially when the need to enter contains a lot of letters, numbers, the high-intensity identifier code, the situation even more so.
Therefore, as its name implies, single sign-computing environment will allow more available. In other words, users need only a certification of their own, regardless of how many times they need to access applications. This can also maintain good security, because the user only the only user name and password.Password management is also very simple, because the password needs to be changed only once, regardless of the number of applications. There are many ways to achieve single sign-on, based on user identification information provided by the different, the methods are very different, and used to complete this task single sign method also varies. At present, the most widely used is Kerberos, DCE and PKI based on the program. SSO is to ensure that the essence of consistency, regardless of how achieved, the purpose of an application is in another application and dissemination of security between the user's identification information, which does not allow users to worry about every time. When used correctly, the single sign can enhance the availability, it is safe solutions.
SSO is not the lack of challenges. When I try different combinations to provide a platform for businesses and products, it can be faced with the realization of practical single sign this challenge. The use of established facts or industry standards, such as Kerberos and PKI, will help solve the interoperability problem.
When users log on to their single sign-environment, and to leave in order to leave open the terminal and when certified, will have single sign-security risks. At this point, if there is a malicious user or curious colleagues decided to open, and has been certified into a terminal, it is probably a disaster.
There are several ways to address these problems: First of all, users should leave the computer system in the pre-conscious to lock the computer; Secondly, the computer should be set to idle after a period of time can be automatically locked; Finally, the single sign of the service allows non-active overtime to withdraw from the dialogue.The use of the above three methods, provided a defense-in-depth protection to ensure that security risks do not really have a real security incidents. And authentication of users is equally important is to allow users the ability to withdraw from the certification. In order to ensure that other users can not enter the idle computer has passed certification and re-certified by the conversation, to give users the ability to log off the system is also very important. Users have been sent to monitor the single sign-system environment is simple, effective way to ensure that the deployment of single sign program will not be those who have not authorized visitors, or data thieves use spoilers.
For data thieves, the focus on the single sign-services will be their top priority goals. If the single sign-services stolen or leaked, then the hacker could access on the user's a mass of sensitive and valuable information.To ensure effective and successful deployment of Single Sign-a critical factor in the protection of services, as well as access to internal services and to meet the demand for high-performance.
第4个回答 2009-04-29
Not only is single sign-on a security solving plan, it also a plan that would increase the system's usability. The creation of single sign-on was due to the great number of current application of computers which heavily burden users with too many identity recognition information (user name) and too many verification information (passwords).
The existence of single sign-on is not due to the security technological layers, but is the result of users' conduct which make the existence of single sign-on indispensible. If every application or data bank requires a user to have different recognition information and password every time he or she needs to gain access to the data bank, he or she would need to have an above average memory power to remember those identity recognition information and passwords, the only way for an user to manage such a great number of user names and passwords is to write all of them down on a sheet of paper, although it is far easier to write those user names and passwords down onto paper, however, by doing so would greatly increase the security risk.
One way of solving the problem is to make all user names and (or) passwords identical, although this would solve the problem of having to remember lots of user names and passwords, it has,however,
reduced the usability of computer environment.repeatedly logging in user names and passwords is a boring task, it is especially so when logging passwords containing many letters,numerals and symbols.
Therefore, just as its name suggests, single sign-on would increase the usability of computer environment. In other words, users only required to authenticate themselves once regardless of the number of application they use.In this way, good security also would be maintained, because user has only one user name and password. The management of password is also very simple, because password needs to be changed only once regardless of the number of usage.
There are many ways to achieve single sign-on, the methods vary according to users'different information of distinguishing supplied by the users, moreover, the method of completing the single sign-on loggin on procedure is also different. Currently Kerberos,DCE and PKI are the most widely used plans.The real essence of the single sign-on is the gaurantee of its nature of consistency, regardless of how specifically realized, it never let users down everytime.. Once used properly, single sign-on not only could increase usability, but also is a security solving plan.
It is not that single sign-on lacking in chellenge.When attempt was made to assemble platforms and products from various merchants, it was instantly faced with the chellenge of the realization of the practical usage of single sign-on. The usage confirms the standard of facts and industries, for instant,Kerberos and PKI are conducive to solving the problem of mutual operation.
When users log onto their single sign-on setting, and then leave the already authenticated end open and left their computers unattended,this action would cause security risk to the single sign-on plan. At this very moment, if an ill-intention user or a curious colleague decides to investigate this end bit which is open and authenticated, the outcome could be disastrous. Theey don't merely obtain one single application authorization, but all application authorization.
There are some methods to solve the problems mentioned above:
Firstly,users should consciously lock their computers before leaving their computer systems; next, computers should be set to automatically lock out after they have been idle for a period of time: finally,single sign-on servive is able to let inactive dialogues to be aborted if over the time limit set.Using the three methods mentioned above would provide a high degree of preventive protection, and thus ensure security risk would not really cause the real security incidents.
It is just as important that authenticated users are given the ability to abort authentication, for the purpose of not letting other users to enter an unattended and authenticated computer, and put authenticated dialogues in key position,and to give users the ability to log out from the system is also very important. Monitoring users who have logged out from single sign-on system setting is a simple and effective way to ensure the set up of single sign-on plan would have no access to operation by to unauthorized visitors,thieves and data saboteurs.
As far as data thieves are concerned, top of their targets would be the concentrated single sign-on service.If single sign-on service's information is stolen or exposed, then the hacker would be able to obtain lots of sensitive and valuable informations.
The key factors of ensure protection for the set up and the success of logging onto the single sign-on facility is to protect the service and the visits to the interior of the service,and to meet the demand for high efficiency.
第5个回答 2024-05-07
1、电子信息科学与技术:电子信息科学与技术专业培养具备电子信息科学与技术的基本理论和基本知识,受到严格的科学实验训练和科学研究初步训练,能在电子信息科学与技术、计算机科学与技术及相关领域和行政部门从事科学研究、教学、科技开发、产品设计、生产技术管理工作的电子信息科学与技术高级专门人才。
2、信息科学技术专业:信息科学技术专业是一个大学专业,培养具有扎实的数学、物理、电子和计算机的基础知识,系统地掌握光学信息处理技术、现代电子学技术和计算机应用技术的基本技能。
3、能在光通信、光学信息处理、以及相关的电子信息科学、计算机科学等信息技术领域、特别是光机电算一体化产业从事科学研究、产品设计和开发、生产技术或管理的面向二十一世纪的高级专门人才。
4、数字媒体:数字媒体属于工学学科门类,是指以二进制数的形式记录、处理、传播、获取过程的信息载体,这些载体包括数字化的文字、图形、图像、声音、视频影像和动画等感觉媒体,和表示这些感觉媒体的表示媒体(编码)等,通称为逻辑媒体,以及存储、传输、显示逻辑媒体的实物媒体