Software Journal:
Theory and Applications

Send article

Entrance Registration

С праздником Великой Победы!


Дорогие друзья, уважаемые коллеги!

Поздравляем вас и ваших близких с Днем Победы – самым торжественным и священным для нас праздником!

Желаем ветеранам здоровья и долголетия, стране мира и процветания, всем людям благополучия и уверенности в завтрашнем дне!

Пусть для каждого из нас мир будет добрым и радостным!

All ads...

Developing a single sign-on for information systems

I.I. Kholod ( Saint Petersburg Electrotechnical University “LETI” (Professor, Dean of the Faculty of Faculty of Computer Science and Technology), St. Petersburg, Russian Federation, ph.d;
M.V. Kovynev ( aint Petersburg Electrotechnical University “LETI” (Student), St. Petersburg, Russian Federation;
I.S. Grigoryev ( Saint Petersburg Electrotechnical University “LETI” (Student), St. Petersburg, Russian Federation;
P.V. Korytov ( Saint Petersburg Electrotechnical University “LETI” (Student), St. Petersburg, Russian Federation;

The paper discusses the problem of creating a single authorization system for university information systems. The number of information systems is constantly growing, therefore, there is a question of providing the user with a centralized single sign-on to such systems. The authors studied the existing solu-tions. After analyzing the solutions, they have selected the fastest growing systems, such as the Blitz Iden-tity Provider and IBM Security Access Manager for Enterprise Single Sign-On, and considered their key advantages and basic restrictions. The solutions were compared according to the following criteria: cost, availability of an open source code, restrictions on connected systems.

The authors review the existing university subsidiary systems and propose the implementation of their own single sign-on system. The paper describes certain aspects of the system implementation in detail, in-cluding the authorization process in subsidiary systems and displaying of subsidiary system pages; they consider the system architecture and the authorization mechanism. The security issue and developed solu-tion testing is studied, the main advantages of the resulting solution are revealed: cross-platform, central-ized display of the subsidiary system menu in one place, cost. During testing of the developed system, no XSS vulnerabilities, SQL injections, etc. are identified. The system supports authorization through VKon-takte, other subsidiary systems and the basic version by name and password. The developed information system is used at ETU “LETI”.