摘要
在Internet/Intranet的应用中,安全性面临着严重的挑战。用户在进入系统时,传统方法是通过口令验证其身份。这在某种程度上虽确保了计算机系统的安全,但同时存在着记忆烦琐、易丢失、易遗忘等弊端。另一方面,各种应用多样的身份认证机制,不仅繁杂而且给客户的访问增加了安全隐患。为此本文提出一种结合指纹识别、证书和身份令牌USBKey的多因素的具有强身份认证和一次性登录功能的认证及授权系统。
The security of application system in the Internet is in the face of great challenge now.When the user access the system, the traditional means to identify the user is his password.This method make the system save in a way,but it also has some defects as difficult to be remembered and easy to be forgotten.On the other hand,various application systems have various identity authentications.Those reduce the security of system.So this article proposes a kind of identify and warrant system with single sign on mechanism for identity authentication based on multiple factors,such as fingerprint,certificate,and identity token.
出处
《计算机应用与软件》
CSCD
北大核心
2005年第6期100-103,共4页
Computer Applications and Software