| 基于SAML与XKMS的安全单点登录认证模型的研究与实现* |
| |
| 引用本文: | 陈天玉,谢冬青,杨小红,杨海涛.基于SAML与XKMS的安全单点登录认证模型的研究与实现*[J].计算机应用研究,2010,27(3):1019-1021. |
| |
| 作者姓名: | 陈天玉 谢冬青 杨小红 杨海涛 |
| |
| 作者单位: | 1. 湖南大学,软件学院,长沙,410082
2. 湖南大学,软件学院,长沙,410082;广州大学,计算机科学与教育软件学院,广州,510006 |
| |
| 基金项目: | 国家自然科学基金资助项目(60673156);国家教育部科学技术研究重点基金资助项目(105129) |
| |
| 摘 要: | 针对Browser/Artifact方式进行单点登录时存在的安全性问题,设计出一种基于SAML与XKMS的安全单点登录认证模型。它采用一种结合传统PKI与XML密钥管理规范(XKMS)的统一密钥管理子层来提供密钥管理,使用XML数字签名和加密技术来保证SAML声明传递的安全性。通过在J2EE平台上实现,证明了该模型可以很好地解决Browser/Artifact方式传递SAML声明存在的安全性问题。
|
| 关 键 词: | :单点登录 安全声明标记语言 XML密钥管理规范 XML数字签名 XML加密 Web服务 |
Research and implementation of security SSO authentication model based on SAML and XKMS |
| |
| CHEN Tian-yu,XIE Dong-qing,YANG Xiao-hong,YANG Hai-tao.Research and implementation of security SSO authentication model based on SAML and XKMS[J].Application Research of Computers,2010,27(3):1019-1021. |
| |
| Authors: | CHEN Tian-yu XIE Dong-qing YANG Xiao-hong YANG Hai-tao |
| |
| Affiliation: | 1.College of Software/a>;Hunan University/a>;Changsha 410082/a>;China/a>;2.School of Computer Science & Educational Software/a>;Guangzhou University/a>;Guangzhou 510006/a>;China |
| |
| Abstract: | For the security problem existing in the process of SSO which used Browser/Artifact mode, this paper designed a security SSO authentication model based on SAML and XKMS. It used a key management layer which combined traditional PKI with XKMS to provide the key management service, at the same time, this model applied XML digital signature technology and XML encryption technology to ensure the security of sending SAML statement message. Through the implementation on the platform of J2EE,the result proves that the security SSO model can be a very good solution to the security problem in the deli-very of SAML statement by Browser/Artifact mode. |
| |
| Keywords: | SSO SAML XKMS XML digital signature XML encryption Web service |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
