首页 | 本学科首页   官方微博 | 高级检索  
相似文献
 共查询到19条相似文献,搜索用时 109 毫秒
1.
主机或用户的身份在移动环境下的互联网通信以及网络管理中是必不可少的,而身份的真实性更是关系到互联网安全和可信任的重要基础.由于当前在用户和主机身份的研究中存在着诸如不支持全局的一次登录以及真实性不够等方面的不足,本文提出一种用于描述用户和终端设备的通用身份标识符GID,提出基于GID的互联网体系结构IGIDA,并实现了身份真实性认证协议和控制技术,最后还给出了未来基于IGIDA的几种可能的上层应用.  相似文献   

2.
在网络信息化社会空间,网络身份信任已成为电子政务、电子商务和各类网络在线应用的重要基础。当今世界各国对构建一个可信的网络环境已达成广泛共识,而网络电子身份制度及基础设施的构建在提高利用资源率、促进创新和经济增长、提升用户便利、加强安全和隐私保护等方面具有重大优势和意义。本文研究了世界主要国家电子身份(eID)管理的发展现状及趋势。  相似文献   

3.
随着网络技术的不断发展与应用,如今网络已成为人们生活中不可或缺的一部分,人们广泛使用网络技术进行网络办公、网络娱乐、网络购物等网络活动。但是,网络在为当代人们生活提供便利的同时,也带来许多隐形问题。其中,最为突出的问题在于如何应用合适的手段认证用户的身份,以保证用户计算机及网络使用安全以及网络账户中财产安全。笔者就对基于用户行为的身份认证方法进行研究。  相似文献   

4.
针对当前网络环境中基于用户真实身份安全管控需求与用户隐私保护需求之间的矛盾,引入主管机构作为可信方,将用户的真实身份管理与虚拟业务账号管理独立开来,建立两层架构的可信身份服务平台。平台通过身份绑定机制,建立用户业务账号与其真实身份之间的映射关系,实现基于真实身份的信任保障;并根据业务的应用场景配置策略为其提供用户属性,以保障用户隐私安全。  相似文献   

5.
为解决当前电力系统用户身份管理混乱的现状,针对电力系统集成服务环境下多异构应用系统中用户身份的统一管理的问题进行了研究.通过结合SPML设计用户身份管理模型,整合涉及大量软件包、服务器和异构系统的用户身份数据等方法,按照统一的标准进行账号、密码等信息的管理,使不同的应用系统可以共享用户信息,解决了电力系统服务集成中多目标系统问的账号创建、身份映射、身份同步等问题,实现了电力系统中切实有效的身份管理.最后,通过实验证明通过基于SPML的电力企业应用系统集成身份管理的设计能很好解决当前电力系统多异构应用系统中用户身份管理问题.  相似文献   

6.
基于SOA的统一身份认证服务技术研究与实现   总被引:1,自引:0,他引:1  
本文以面向服务的思想为出发点,借鉴Kerberos认证协议的用户认证方式,提出了一种基于SOA的统一身份认证架构,讨论了该系统的架构设计、架构依赖的技术基础、架构的组成要素及逻辑关系以及架构的功能特性分析,并基于SOA的统一身份认证系统实现了用户管理、身份认证、分级权限管理和单点登录等功能,对于提高信息系统使用的便捷性和安全管理能力具有实际意义。  相似文献   

7.
为解决跨区域企业各应用系统中用户身份认证管理及信息孤岛等问题,基于LDAP目录和Liberty网络身份认证管理框架,研究并设计实现了企业的统一身份认证管理系统,该系统能有效解决企业多个应用系统的统一身份验证、以及用户的单点登陆问题。  相似文献   

8.
为解决跨区域企业各应用系统中用户身份认证管理及信息孤岛等问题,基于LDAP目录和Liberty网络身份认证管理框架,设计企业的统一身份认证管理系统,该系统较好地解决企业多个应用系统的用户信息集中存储、统一身份验证以及用户的单点登录问题。  相似文献   

9.
随着计算机技术的发展,网络空间已经成为各国关注的焦点,有第五大战略空间之称。但网络空间面临着日益加剧的安全威胁,网络身份信息泄露是其中最为突出的一项。世界多数主要国家已开始制定网络可信身份管理规则和策略,从规范网络各个参与者为入手点来保护网络空间安全。以美国出台的第三版《电子身份指南》为例,介绍该指南的主要内容,对比分析各版本指南的差异,总结其优点,提出了针对我国网络身份管理的改进建议。建议包括:电子身份凭证颁发阶段的静态定级,对于不同的应用场景为用户提供不同等级的电子身份凭证,保护用户隐私;后续根据用户行为动态调整电子身份凭证等级,提供安全可靠的服务。  相似文献   

10.
在基于身份的Ad Hoc网络密钥管理的方案中,根据用户身份生成用户密钥时无法对用户的身份真实性进行有效确认,针对这一问题,该文结合基于身份的密码系统和基于口令的认证技术,给出一个密钥管理方案,该方案通过口令技术实现节点身份的认证,使用基于身份的密钥管理系统完成密钥的安全分发。同时基于ROM 模型证明了该方案的安全性。  相似文献   

11.
Information technology companies have grown in size and recognized the need to protect their valuable assets. As a result, each IT application has its authentication mechanism, and an employee needs a username and password. As the number of applications increased, as a result, it became increasingly complex to manage all identities like the number of usernames and passwords of an employee. All identities had to be retrieved by users. Both the identities and the access rights associated with those identities had to be protected by an administrator. Management couldn’t even capture such access rights because they couldn’t verify things like privacy and security. Identity management can help solve this problem. The concept behind identity management is to centralize identity management and manage access identity centrally rather than multiple applications with their authentication and authorization mechanisms. In this research work, we develop governance and an identity management framework for information and technology infrastructures with privileged access management, consisting of cybersecurity policies and strategies. The results show the efficiency of the framework compared to the existing information security components. The integrated identity and access management and privileged access management enable organizations to respond to incidents and facilitate compliance. It can automate use cases that manage privileged accounts in the real world.  相似文献   

12.
Identity management is based on the creation and management of user identities for granting access to the cloud resources based on the user attributes. The cloud identity and access management (IAM) grants the authorization to the end-users to perform different actions on the specified cloud resources. The authorizations in the IAM are grouped into roles instead of granting them directly to the end-users. Due to the multiplicity of cloud locations where data resides and due to the lack of a centralized user authority for granting or denying cloud user requests, there must be several security strategies and models to overcome these issues. Another major concern in IAM services is the excessive or the lack of access level to different users with previously granted authorizations. This paper proposes a comprehensive review of security services and threats. Based on the presented services and threats, advanced frameworks for IAM that provide authentication mechanisms in public and private cloud platforms. A threat model has been applied to validate the proposed authentication frameworks with different security threats. The proposed models proved high efficiency in protecting cloud platforms from insider attacks, single sign-on failure, brute force attacks, denial of service, user privacy threats, and data privacy threats.  相似文献   

13.
In offering services to individuals, enterprises often deal with a lot of personal information, the improper handling of which creates security risks for both the enterprises and individuals concerned. Authentication procedures usually assume specific behavior on the part of individuals, and this perception becomes a critical part of an enterprise's security mechanism. Identity management systems are touted as a solution, but even though users and enterprises are stakeholders in the broader conversation about identity management, their interests aren't necessarily aligned: who's in control, and whose interests will prevail in ease of conflict? The European Commission-funded Privacy and Identity Management tor Europe project (Prime: www.prime-projeet.eu) proposes a solution driven by the EU Privacy Directive (95/46/EC; http://ec.europa.eu/justice_home/fsj/privacy/law/), which puts the user in control wherever possible. This article focuses on that project and how it interacts with standardization initiatives and international organizations.  相似文献   

14.
信息通信能力的增长和发展促进了各式各样的电子消费服务、电子商务服务和电子政府服务。网络上的业务服务已经越来越多,这直接导致用户在网络上的电子身份账号剧增,随之而来的就是身份信息的安全问题,而身份管理(IDM)就是用来解决上述问题的,其对实体身份的管理提供了通用方案。本文介绍了身份管理的相关概念,身份管理的模型与现状。  相似文献   

15.
Web identity management systems are complex systems with powerful features - and many potential vulnerabilities. They aim to facilitate the management of identifiers, credentials, personal information, and the presentation of this information to other parties. In many schemes, an identity provider (IdP) issues identities or credentials to users, while a relying party (RP) depends on the IdP to check the user credentials before it allows users access to Web site services. By separating the role of and IdP from the RP, identity management systems let users leverage one identifier across multiple Web services.  相似文献   

16.
ABSTRACT

Many organizations have adopted SAML-based identity federation as a standard component of their enterprise architecture. A service provider in a federation may be viewed as a combination of an assertion consumer service (ACS) responsible for interactions with other federation participants (such as identity providers, or IDPs) and an application that provides useful functionality to end users. More often than not assertion consumer services are shared among multiple applications, but the current usage only exposes the ACS’s name to other parties in the federation, not the names of the applications. Identity providers in higher assurance federations frequently provide authentication, authorization, and accounting (AAA) services with application-level granularity, and this usage pattern prevents them from knowing the applications on whose behalf federation requests are made. In this article we propose a solution that enables an ACS to generate, and an IDP to consume, this missing information. Our approach is to extend the existing SAML 2.0 proxying capability by allowing references to applications that participate in the SAML ecosystem but do not support SAML themselves. We conclude that simple changes in information technology practices (supported by the necessary enhancements in vendor products) can significantly improve application-level AAA in environments with shared assertion consumer services.  相似文献   

17.
基于LDAP的统一用户认证系统设计与实现   总被引:4,自引:0,他引:4  
本文通过分析现有应用系统在用户管理上存在的问题,提出统一用户认证解决方案.利用LDAP目录服务,构建一套统一的身份认证机制及网络应用资源管理模式,实现对用户的统一身份认证、单点登录、集中鉴权以及对网络应用资源的统一管理.  相似文献   

18.
网络交互中用户隐私信息保护模型的研究   总被引:1,自引:0,他引:1  
随着电子商务、电子政务等网络应用的不断发展,做为网络交互双方建立信任基础的用户身份信息,正在越来越频繁的使用。用户身份信息通常包含与用户隐私相关的内容,因此应该减少该信息在Web服务之间的共享以保护用户的隐私。本文通过对现有网络交互模式的分析,在最少共享用户隐私信息的基础上,提出一个通用的网络交互模型及在此模型基础上的保护用户隐私的解决方案。  相似文献   

19.
Identity and the different roles identities play in social question-answering communities have long been discussed from both a theoretical and empirical standpoint. Identity is usually analysed in ways that emphasise a transaction, and many studies use third-party raters to assign value judgements to these factors, which may not be relevant to a community. In this article, we examine identity in Stack Overflow, a question and answer site dedicated to solving computer-programming problems, which has a competitive community run reputation system. Profiles on Stack Overflow are highly customizable, allowing users to choose the level of personal information they want to share: from extensive to none. We develop a categorisation scheme using grounded theory to develop definitions of identity, and analyse behaviour based on these definitions. We find that the choice of identity is diverse within the community and that there is a correlation with identifiers and increased reputation earning among the general population. An analysis of elite users, however, indicates that identity is closely tied to membership length, but not to performance. The results indicate that allowing identity choices does affect system efficacy or user outcomes.  相似文献   

设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号