| 一种可证安全的基于浏览器的联合身份管理双向认证协议 |
| |
| 引用本文: | 王 凯,祝跃飞,林 敏.一种可证安全的基于浏览器的联合身份管理双向认证协议[J].计算机应用研究,2013,30(6):1843-1846. |
| |
| 作者姓名: | 王 凯 祝跃飞 林 敏 |
| |
| 作者单位: | 1. 解放军信息工程大学,郑州,450002
2. 河南工业大学,郑州,450000 |
| |
| 基金项目: | 郑州市科技创新团队基金资助项目(10CXTD150) |
| |
| 摘 要: | 提出了一种基于浏览器的联合身份管理双向认证协议, 在TLS会话中采用人类可感知认证码验证身份权威服务器, 通过绑定客户端证书结合加强同源策略达到双向保护令牌的目的。最后用形式化模型分析了其安全性, 证明了协议能够提供安全的认证。
|
| 关 键 词: | 联合身份管理 基于浏览器的身份认证 人类可感知认证码 安全令牌 |
Provably secure browser-based mutual authentication protocol for federated identity management |
| |
| WANG Kai,ZHU Yue-fei,LIN Min.Provably secure browser-based mutual authentication protocol for federated identity management[J].Application Research of Computers,2013,30(6):1843-1846. |
| |
| Authors: | WANG Kai ZHU Yue-fei LIN Min |
| |
| Affiliation: | 1. Information Engineering University of PLA, Zhengzhou 450002, China; 2. Henan University of Technology, Zhengzhou 450000, China |
| |
| Abstract: | This paper proposed a browser-based mutual authentication for federated identity management, which identified the identity authority based on human perceptible authenticators in a TLS session and protected the token mutually by binding the client certificate and using stronger same origin protocol. The paper analysed the security of the protocol in the formal model, and proved that the protocol could provide secure authentication. |
| |
| Keywords: | federated identity management(FIM) browser-based authentication human perceptible authenticators secu-rity token |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
