| This paper primarily introduces the User Authorization Management (UAM) in the SSL VPN system, including the requirement analyses, function design, detail implementation and so on.First of all, this paper introduces some information about SSL VPN. As a new generation of secure remote access platform, SSL VPN is a virtual private network technology based on application layer. By using SSL and agent technologies, SSL VPN provides end-users the security access to the HTTP resources, C/S resources, file sharing resources and so on. SSL VPN makes it easier for administrator to control the remote access by more effective ways, which ensures the security of network and information in enterprises at a higher level. At the same time, SSL VPN user doesn't need install client software, because SSL VPN uses browser as client by using the SSL component in browser. In this way, the application is more simple and convenient to use, and the cost of enterprises deploying and maintaining network is reduced.User Authorization Management is a base module in SSL VPN system, its main task is granting authorization to SSL VPN user. By designing and implementing some concepts, such as user group, resource group, client security policy, UAM achieves dynamic authorization according to user's role. In order to control remote access more strictly, UAM divide SSL VPN users into user groups, and assigns resources to user groups. This paper summarily introduces the module requirements and application environment, then analyses the function design and data flow in UAM. At last, this paper introduces the six sub modules and some important data structures. The main functions of UAM as follows:1. UAM grants authorizations to SSL VPN user based on user's roleand the security information of user's client.2 . UAM manages and maintain the configuration of user'sauthorization, including some information of user group, resource group,security policy and operations on them. |
PDF Full Text Request