| 基于认证协议的Web单点登录优化设计 |
| |
| 引用本文: | 张小红,樊中奎.基于认证协议的Web单点登录优化设计[J].计算机工程,2010,36(13):146-148. |
| |
| 作者姓名: | 张小红 樊中奎 |
| |
| 作者单位: | 1. 北京邮电大学网络与交换技术国家重点实验室信息安全中心,北京,100876;江西理工大学信息工程学院,赣州,341000
2. 江西理工大学信息工程学院,赣州,341000 |
| |
| 基金项目: | 高等学校博士学科点专项科研基金资助项目,中国博士后基金资助项目,江西省教育厅科技基金资助项目 |
| |
| 摘 要: | 针对Kerberos认证协议Web环境中进行单点登录存在的安全隐患,基于Schnorr协议的挑战/响应方式,结合Secure Cookies、HttpSession解决Web环境下HTTP协议的无状态性及服务器间的安全会话。实验结果表明,该方案性能稳健,响应速度快,防攻击力强,具有良好的实用价值和应用前景。
|
| 关 键 词: | Kerberos协议 Schnorr协议 单点登录 身份认证 优化设计 |
Optimized Design of Web Single Sign-On Based on Authentication Protocol |
| |
| ZHANG Xiao-hong,FAN Zhong-kui.Optimized Design of Web Single Sign-On Based on Authentication Protocol[J].Computer Engineering,2010,36(13):146-148. |
| |
| Authors: | ZHANG Xiao-hong FAN Zhong-kui |
| |
| Affiliation: | (1. Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876; 2. School of Information Engineering, Jiangxi University of Science and Technology, Ganzhou 341000) |
| |
| Abstract: | This paper proposes a novel scheme aiming at security treatments based on Kerberos protocol with Single Sign-On(SOS) in Web environment. In order to avoid authentication server being attacked, a challenge/response mode with Schnorr protocol is adopted. Secure cookies and HTTP session are selected to solve HTTP protocol non-state, and to keep secure sessions between Web servers. Experimental test shows that this project has solid performance, fast response speed, strong resistibility, and possesses better application value and foreground. |
| |
| Keywords: | Kerberos protocol Schnorr protocol Single Sign-On(SSO) identity authentication optimized design |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
