| 云服务中跨安全域的联合身份认证技术分析 |
| |
| 引用本文: | 周君平,孔德新,付伟,杜佳颖.云服务中跨安全域的联合身份认证技术分析[J].信息安全与通信保密,2012(11):89-90,94. |
| |
| 作者姓名: | 周君平 孔德新 付伟 杜佳颖 |
| |
| 作者单位: | 北京国富安电子商务安全认证有限公司,北京,100176 |
| |
| 摘 要: | 针对云服务中众多服务资源的安全有效登录问题,提出跨安全域的联合身份认证。首先,为保障用户身份信息的安全性,采用SAML2.0技术规范,建立安全域实现不同安全域下用户身份的鉴别和信息的交换;其次,为保障信息交换的安全性,使用SSL安全链路进行通信,以确保信息的完整性和机密性。该设计实现了对云服务中用户登录信息跨域的有效验证,提高了资源访问的安全性。
|
| 关 键 词: | 云服务 安全域 联合身份认证 SAML |
Analysis of Federation Identity Authentication across Security Domains in Cloud Service |
| |
| ZHOU Jun-ping,KONG De-xin,FU Wei,DU Jia-ying.Analysis of Federation Identity Authentication across Security Domains in Cloud Service[J].China Information Security,2012(11):89-90,94. |
| |
| Authors: | ZHOU Jun-ping KONG De-xin FU Wei DU Jia-ying |
| |
| Affiliation: | (Beijing Guo Fu An e-commerce Security Certification Co. Ltd.,Beijing 100176,China) |
| |
| Abstract: | For the secure and effective login on many service resources in the cloud,this paper proposes a federation identity authentication across security domains,and in order to protect user identity information,SAML 2.0 technical specifications is adopted,thus to establish security domain and realize the user identity authentication and information exchange in among the different domains. Then,in order to protect the security of information exchange,SSL secure link is used to transfer information and thus ensure information integrity and privacy. The solution can effectively verify user's login information across different domains and improve the security of resources-access in the cloud. |
| |
| Keywords: | cloud service security domain federation identity authentication SAML |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
