Research and Development of Single Sign-on and Authorization Manage System in Hospital Information System
|School||Central South University|
|Course||Computer Science and Technology|
|Keywords||HIS CAS single sign-on RBAC access control fine-grained authorization|
Hospital information system(HIS) played an important role to enhance the level of hospital services. Fast development of Network brings new opportunities to HIS, information integration of HIS is imperatived. whether user could log on HIS decided upon the user’s identity was or not allowable, and users could access to a protected subsystem in HIS if they were authorized. Therefore, single-sign-on and authorizatin management is extremely important to protect the data of HIS after HIS’s integration.This paper analyzes the Logging structure of heterogeneous HIS firstly, and then discussed CAS single sign-on model, expound the certification process principles, and analysis the safety of it, After the analysis of it’s security and the applicability in HIS, proposed a CAS program which adapts to HIS. This program improved CAS client which added users mapping mechanism, which made the sub-existing users information and CAS users information associated, added user registration module. on the base of discussing RBAC access control technology, this paper proposed an improved RBAC access control model. which improved RBAC model Using fine-grained authorization mechanism. It divided the authoriry unit into three grades which includes module, page, widget, implemented the right constraint library in roles and users. and the new RBAC model alleviate the contradiction by using secondary authorization and authorize to users directly between fine-grained authorization and rudundant roles.After analysis and design of this in detail, the paper implemented the design of the main functional modules and interfaces of single sign-on and authorization management system. After congregated the systems with one hospital’s HIS seamless, we did some test to check up the main functional modudels, testing results show that the CAS single sign-on system and improved RBAC access control model designed in this paper works well, which meet the requirements of users login and access control management aspects after HIS integrated.