| SaaS模式下新型认证方案的设计与分析 |
| |
| 引用本文: | 韩秋君,丁岳伟.SaaS模式下新型认证方案的设计与分析[J].计算机工程,2011,37(7):133-135. |
| |
| 作者姓名: | 韩秋君 丁岳伟 |
| |
| 作者单位: | 上海理工大学光电信息与计算机工程学院,上海,200093 |
| |
| 摘 要: | 针对软件即服务(SaaS)应用系统下认证协议的应用及安全性问题,提出一种新型认证方案。通过加密用户口令,将散列结果传输到网络上,只有服务器私钥才能解密,从而实现客户端及服务器双向认证一次性口令技术,提高认证系统的安全性。采用SVO逻辑对该协议进行形式化分析,结果验证了其安全性。
|
| 关 键 词: | 软件即服务 认证协议 SVO逻辑 一次性口令 |
Design and Analysis of New Authorization Scheme in SaaS Mode |
| |
| HAN Qiu-jun,DING Yue-wei.Design and Analysis of New Authorization Scheme in SaaS Mode[J].Computer Engineering,2011,37(7):133-135. |
| |
| Authors: | HAN Qiu-jun DING Yue-wei |
| |
| Affiliation: | (School of Optical-Electrical and Computer Engineering,University of Shanghai for Science & Technology,Shanghai 200093,China) |
| |
| Abstract: | In Software-as-a-Service(SaaS) mode,for the application and security issues of the authentication protocol,this paper proposes a new authorization scheme,raises an improved OTP technology.It transfers the hash result for user password by encrypting on the network that only can decrypt by the server private key,and it implements the two-way authentication between the client and the server.It can improve the security of the authentication system,and adopts the SVO logic formal analysis to validate the results of this protocol. |
| |
| Keywords: | Software-as-a-Service(SaaS) authentication protocol SVO logic OTP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
