| 基于安全断言标记语言实现单点登陆 |
| |
| 引用本文: | 武文丽,黄永忠,陈海勇. 基于安全断言标记语言实现单点登陆[J]. 计算机工程与设计, 2007, 28(4): 785-788 |
| |
| 作者姓名: | 武文丽 黄永忠 陈海勇 |
| |
| 作者单位: | 信息工程大学,信息工程学院,河南,郑州,450002;信息工程大学,信息工程学院,河南,郑州,450002;信息工程大学,信息工程学院,河南,郑州,450002 |
| |
| 摘 要: | 单点登录(single sign-on,SSO)作为一种为解决传统认证机制所存在的问题而提出的技术,已成为分布式系统研究的热点之一.对当前流行的安全断言标记语言(SAML)提供的两种单点登陆模型Artifact和Post进行介绍分析,指出它们存在的不足.针对其局限性,引入了凭证和准凭证的概念,提出了一种改进的基于SAML的单点登陆模型并以实现.最后对该模型的性能进行了分析.
|
| 关 键 词: | 单点登录 安全断言标记语言 断言 凭证 准凭证 |
| 文章编号: | 1000-7024(2007)04-0785-04 |
| 修稿时间: | 2006-06-15 |
Single sign-on model based on security assertion markup language |
| |
| WU Wen-li,HUANG Yong-zhong,CHEN Hai-yong. Single sign-on model based on security assertion markup language[J]. Computer Engineering and Design, 2007, 28(4): 785-788 |
| |
| Authors: | WU Wen-li HUANG Yong-zhong CHEN Hai-yong |
| |
| Affiliation: | College of Information Engineering, Information Engineering University, Zhengzhou 450002, China |
| |
| Abstract: | SSO(single sign-on) has been the research hotspot in distributed system,which is a technology introduced to resolve the problems of traditional authentication.Two single sign-on models are introduced: Artifact and post,which is provided by security assertion markup language(SAML).By analysis the limitation of two models is pointed out.In order to make some improvement to these flaws,two concepts: Pass and quasi-pass are brought in.Under the two principles,an improved SSO model based on SAML is proposed and implemented.At last,the performance of new model is analyzed. |
| |
| Keywords: | single sign-on SAML assertion pass quasi-pass |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
