全球資訊網改變了以往學習系統的開發模式，許多的學習系統紛紛增加以網頁為基礎的應用模式，以期能迅速的吸引使用群眾，加速研究的進行。亞卓市─一個學習科技的實驗平台，聚集著許多的使用者（老師、學生、家長、研究者、教育專家……等）及以網頁為基礎的學習系統。當學習系統各自獨立運作、缺乏整合時，將造成系統開發成本的浪費、使用者應用上的不便、安全性及使用者資訊分散等問題。在這篇論文當中，我們將設計及實作一「黏合機制」，以期能解決上述之問題。在「黏合機制」當中，包含一個以cookies為基礎的「單一登入」機制、以及一個建構在這個機制之上的資料分享功能。使用者透過「黏合機制」，經由一次的登入，可通過不同學習系統的認證，而這些認證都是不需要額外的登入動作。學習系統不僅可以透過這個機制來認證來訪的使用者，取得使用者資訊，而不需另行要求使用者登記資料；也可以透過資料分享的功能與其他的學習系統分享使用者的資訊。

The development model of computer-assisted learning systems has been changed by the WWW (World Wide Web). EduCities, a platform of learning technology, consists of many learning systems and attract many users. Citizens (users) in this cyber city can be teachers, students, parents, and researchers. However, if those systems on this platform work alone, it will be lack of integration among them. It will increase the difficulties of using theses systems and make the development costs higher. These will also have problems as well as having users’ information scattering around. To solve these problems, we have designed and implemented a ”gluing mechanism” including a single sign-on (SSO) mechanism and a method of information sharing. It allows users authenticate themselves once and access different learning systems without re-authentication and makes learning systems share users’ learning information with each other.

[1]V. Ton 1998. Smart access: strong authentication on the web. Computer Networks and ISDN Systems.
[2]V. Samar, 1999. Single sign-on using cookies for web applications. Proceedings of the IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.
[3]A. Volchkov, 2001. Revisiting Single sign-on a pragmatic approach in a new context. IT pro.
[4]A. Scot, G. Rick, 1995. Sessioneer: flexible session level authentication with off the shelf servers and clients. Computer Networks and ISDN Systems.
[5]A. Freier, P. karlton, and P. Kocher, 1996. The SSL Protocol Version 3.0. Internet Draft.
[6]Information technology — Open Systems Interconnection — The Directory: Authenticaiton framework. ITU-T Recommendation X.509 1997.
[7]T. Hwang, Y. Checn, and C. S. Laih 1990. Non-interactive password authentication without password tables. IEEE Region 10th Conference on Computer and Communication Systems.
[8]A. Shamir 1984. Identity based on cryptosystems and signature schemes. Advances in Cryptology, CRYPTO’ 84.
[9]I. C. Lin 2000. A study on Internet Service Security. 朝陽科技大學資訊管理系碩士論文
[10]Fielding, R., Gettys, J., et al, 1997. Hypertext Transfer Protocol — HTTP/1.1. Request For Comments (RFC) 2068.
[11]Franks, J., Hallam-Baker, P., et al, 1999. HTTP Authentication: Basic and Digest Access Authentication. Request For Comments (RFC) 2617.
[12]Mohammed J. Kabir 1998. Apache Server Bible. Hungry Minds.
[13]Franks, J., Hallam-Baker, P., et al, 1997. An Extension to HTTP: Digest Access Authentication. Request For Comments (RFC) 2069
[14]Bakken, S., Aulbach A., et al 2001. PHP Manual. PHP Documentation Group.
[15]Simson Garfinked & Gene Spafford 1997. Web Security & Commerce. OREILLY & Associates.
[16]Netscape 1998. Introduction to Public-Key Cryptography. Available at http://developer.netscape.com/docs/manuals/security/pkin/index.htm.
[17]Lincoln Stein & Doug MacEachern, 1999. Writing Apache Modules with Perl and C. OREILLY & Associates.
[18]Netscape 1998. Introduction to SSL. Available at http://developer.netscape.com/docs/manuals/security/sslin/contents.htm.
[19]D. Kristol, 1997. HTTP State Management Mechanism. Request For Comments (RFC) 2109.
[20]Netscape. Persistent Client State HTTP Cookies. Available at http://www.netscape.com/newsref/std/cookie_spec.html
[21]R. C., Markle 1990. A fast software on-way hash function. Journal of Cryptology.
[22]Chan, T.W., Hue, C.W., Tzeng, O.J.L., & Chou, C.Y. Four Spaces of Network Learning Models, Computers & Education. To appear.
[23]T. Berners-Lee, L. Masinter, M. McCahill, 1994. Uniform Resource Locators (URL). Request For Comments (RFC) 1738.