| 基于可变Cookie的跨域单点登录 |
| |
| 引用本文: | 王国伟,薛曼君. 基于可变Cookie的跨域单点登录[J]. 计算机工程与设计, 2012, 33(8): 2931-2935 |
| |
| 作者姓名: | 王国伟 薛曼君 |
| |
| 作者单位: | 1. 河南理工大学计算机科学与技术学院,河南焦作,454000
2. 河南理工大学建筑与艺术设计学院,河南焦作,454000 |
| |
| 基金项目: | 河南省软科学研究计划基金项目(102400450064);河南理工大学青年基金重点项目(Q2011-31A) |
| |
| 摘 要: | 针对单点登录中的跨域身份认证问题,提出了一种基于可变Cookie的方案解决跨域单点登录,使用随机数字生成票据,并作为传统加密算法的会话密钥对客户端的Cookie进行加密,采用现代加密算法在异域系统之间安全传递票据,每次认证产生新的票据并更新异域应用系统的Cookie。通过对票据产生和传输以及Cookie加密和常见攻击的安全性分析,可以实现跨域单点登录的功能并保证身份认证安全可信。
|
| 关 键 词: | 单点登录 跨域 Cookie 认证 票据 SOA Webservice |
Variable cookies based cross domain single sign on |
| |
| WANG Guo-wei , XUE Man-jun. Variable cookies based cross domain single sign on[J]. Computer Engineering and Design, 2012, 33(8): 2931-2935 |
| |
| Authors: | WANG Guo-wei XUE Man-jun |
| |
| Affiliation: | 1.School of Computer Science and Technology,Henan Polytechnic University,Jiaozuo 454000,China; 2.School of Architectural and Artistic Design,Henan Polytechnic University,Jiaozuo 454000,China) |
| |
| Abstract: | To resolve the problems of cross domain identity authentication in single sign on,a solution based on variable cookies is proposed.By using random digital number generate the token that can be act as the session key in traditional cryptosystem,the solution presents a method of encrypting cookies which reserved as a document in users’ browser and security transmitting the token between application systems in heterogeneous domains through modern cryptosystem,in this method the token and cookies in different domains are variable with the every procedure of authentication.The security analysis of the generation and transmission of token and cookies encryption and replay attack shows that the solution is a security implementation of identity authentication in cross domain single sign on. |
| |
| Keywords: | single sign on cross domain cookie authentication token SOA Webservice |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
