| 基于PKI/PMI的校园网安全单一登录方案 |
| |
| 引用本文: | 杨波,王常吉,段海新,吴建平.基于PKI/PMI的校园网安全单一登录方案[J].计算机工程与应用,2004,40(36):118-121,173. |
| |
| 作者姓名: | 杨波 王常吉 段海新 吴建平 |
| |
| 作者单位: | 清华大学信息网络工程研究中心,北京,100084 |
| |
| 基金项目: | 国家自然科学基金(编号:60203004) |
| |
| 摘 要: | 传统C/S应用大多采用基于私有口令系统的认证和授权,这增加了系统管理负担,也增加了用户的记忆和输入负担。单一登录是提高用户工作效率和降低管理成本的解决办法,但现有的单一登录方案多数需要重新设计C/S程序或者未采用强认证和授权的机制。该文提出一种“代理-经纪人-网关”单一登录模型,并基于PKI和PMI技术设计了一种针对校园网C/S应用的集中认证和授权的单一登录方案(TH-SSO),可有效地避免修改现有C/S应用程序,同时为应用提供了强健的认证和授权。
|
| 关 键 词: | 单一登录 公钥基础设施 特权管理基础设施 身份认证 授权 |
| 文章编号: | 1002-8331-(2004)36-0118-04 |
A Single Sign-on Solution for Campus Networks Based on PKI and PMI |
| |
| Yang Bo,Wang Changji,Duan Haixin,Wu Jianping.A Single Sign-on Solution for Campus Networks Based on PKI and PMI[J].Computer Engineering and Applications,2004,40(36):118-121,173. |
| |
| Authors: | Yang Bo Wang Changji Duan Haixin Wu Jianping |
| |
| Abstract: | Traditional client/server applications have a proprietary password-based authentication system,which imposes a burden of memorizing and re-typing lots of passwords upon users,as well as increases management cost.Single Sign-On(SSO) is a way to enhance user productivity and ease management.Most existing SSO technologies either require to redesign the C/S applications or still adopt weak authentication and authorization mechanism.This paper proposes anAgent-Broker-Gateway SSO scheme(TH-SSO).The TH-SSO scheme makes use of Public Key Infrastructure(PKI) and Privilege Management Infrastructure(PMI) to provide strong authentication and flexible authorization,and need not modify legacy C/S applications. |
| |
| Keywords: | Single Sign-On PKI PMI authentication authorization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
