期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

联合身份认证及在校际资源网的应用 被引量:6

Federated Identity Authentication and Its Application in Inter-college Network Resource
原文传递
导出
摘要 随着联合身份认证技术的发展和成熟,在校际资源共享中遇到的用户管理和认证问题有了现实、可行、安全的解决方案。文中对现有的联合认证技术的发展进行研究,介绍了常见的身份认证的标准,分析SAML的特点和优势,总结了国内外校际资源共享发展应用的现状,介绍了两种基于SAML的开源产品OpenSSO和Shibboleth。另外,还分析了校际身份认证的特点和面临的问题,最后介绍了如何合理使用OpenSSO的联合认证技术来实现校际身份联合认证。 Along with the development and mature of federated identity authentication technology, there are already realistic, practical and secure solutions for all the problems in the federated authentication technology. This article fo- cuses on the current technology of federated identity authentication, presents three most common standards of federated identity authentication, analyzes the features and advantages of open standard SAML including the current application of inter-college resource sharing network, and then describes 2 kinds of SAML-based open source implementations, that is, Opensso and Shibboleth. Finally, the article discusses the features and the problems faced in the implementation of feder- ated inter-college identity authentication, and it also gives how to use OpenSSO to solve these problems.
作者 刘维红 杭剑平
机构地区 浙江汇信科技有限公司
出处 《信息安全与通信保密》 2010年第1期126-129,共4页 Information Security and Communications Privacy
关键词 联合身份 OpenSSO SHIBBOLETH SAML OPENID CardSpace InfoCard 自由联盟 虚拟联合代理 federated identity OpenSSO Shibboleth SAML OpenID CardSpace InfoCard liberty alliance virtural federation proxy
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献15

  • 1倪亮,韩臻,何永忠.身份管理技术综述[J].信息安全与通信保密,2007,29(11):78-81. 被引量:6
  • 2林承佶,张保稳,薛质.基于SAML的安全技术在电子商务中的应用[J].信息安全与通信保密,2007,29(5):101-103. 被引量:3
  • 3Sun Microsystelns, Inc. Sun OpenSSO Enterprise 8.0 Technical Overview[EB/OL].(2008-11-01 )[2009-06-01]. http: //docs.sun.com/app/docs/doc/820-3740.
  • 4Maler Eve, Reed Drummond. The Venn of Identity -Options and Issues in Federated Identity Management[J]. Security&Privacy, IEEE, 2008, 06 ( 02 ). 16-23.
  • 5David Hunter. Microsoft CardSpace interop with OpenID announced at RSA[EB/OL].(2007-02-06) [2009-06-01]. http: //www.hunterstrat.com/ news/microsoft-cardspace-interop-with-openid- announced-at-rsa.
  • 6projectliberty.org. Now More Than One Billion Liberty-enabled Devices and Identities[EB/OL]. [2009-06-01]. http: //www.projectliberty.org/ liberty/adoption.
  • 7refeds.terena.org. Survey as a table[EB/OL]. [2009- 06-01]. https: //refeds.terena.org/index.php/ Federations.
  • 8shibboleth.internet2.edu. About CARSI-Fed/ CERNET-Fed[EB/OL]. [2009-06-01]. http: // shibboleth.edu.cn/.
  • 9shibboleth.internet2.edu. Shibboleth[EB/0L]. [2009- 06-01]. http: //shibboleth.internet2.edu/.
  • 10OpenSSO.dev.java.net. OpenSSO[EB/0L]. [2009- 06-01]. https: //opensso.dev.java.net/public/ about/faqcenter/faqoverview.html.

二级参考文献15

  • 1韩伟,范植华.基于SAML的单点登录技术在Web服务中的应用研究[J].计算机工程与设计,2005,26(3):634-636. 被引量:33
  • 2严毅,宁葵,唐天兵.Web服务的安全技术[J].微机发展,2005,15(9):65-67. 被引量:7
  • 3[1]O'Neill M.Web Services Security.New York:McGraw-Hill/Osborne.2003.
  • 4[2]Hartman B,Flinn D J.Mastering Web Services Security.Indianapolis Ind:Wiley Technology Pub.,2004.
  • 5[3]Microsoft.增强Web服务安全性的新技术.Microsoft,2005.http://www.microsoft.com/china/msdn/library/security/mac0304WSSecu.mspx?mfr=true
  • 6[1]Meta Group Inc.The Value of Identity Management:securing identity management provides value to the enterprise.August 2002.URL:http://www.pwcglobal.com/Extweb/service.nsf/8b9d788097dff3c9852565e00073c0ba/88a387cdb58b4c0085256c6a006e0036/$FILE/ValueoflMWhitePaper.pdf(26 Jan.2003).
  • 7[2]Identity and Access Management Solution GIAC Security Essentials Certification(GSEC) Practical Assignment Version 1.4cOption 1-Research on Topics in Information Security Martine LINARES on February 14,2005.
  • 8[3]Chong Frederick.Microsoft Corporation.Identity and Access Management.Jul.2004.6 Dec.2004.URL:http://msdn.microsoft.com/library/default.asp?url=/library/enus/dnmaj/html/aj3identity.asp.
  • 9[4]Introduction to the Liberty Alliance,Identity Architecture,Revision 1.0,March,2003 www.projectliberty.com.
  • 10[5]Federated Identity Management,by:Ajoy Kumar,12/20/2004,http://www.securitydocs.com/library/2782.

共引文献7

同被引文献32

  • 1刁红军,朱晓旭,朱斐.基于Web统一身份认证服务的实现方案[J].计算机工程,2006,32(13):277-279. 被引量:3
  • 2林承佶,张保稳,薛质.基于SAML的安全技术在电子商务中的应用[J].信息安全与通信保密,2007,29(5):101-103. 被引量:3
  • 3NEUMAN C, YU T, HARTMAN S, et al. RFC4120-The Kerberos Network Authentication Service (V5)[EB/OL]. [2005- 07-01]. http: //www.ietf.org/rfc/rfc4120.txt.
  • 4Organization for the Advancement of Structured Information Standards(OASIS). Assertions and Protocols for the OASIS Security Assertion Markup Language(SAML) V2.0[EB/OL]. [2005-05-15].http : //docs.oasis-open.org/security/saml/v2.0.
  • 5Organization for the Advancement of Structured Information Standards(OASIS). WS-Trust 1.4[EB/OL]. [2009-02-01]. http : // docs.oasis-open.org/ws-sx/ws-trust/v 1.4/ws-trust.doc.
  • 6Organization for the Advancement of Structured Information Standards(OASIS). Web Services Federation Language(WS- Federation) Version 1.2 [EB/OL]. [2009-01-01]. http: //docs. oasis-open.org/wsfed/federation/v 1.2/ws-federation.pdf.
  • 7陈萍,张蓓,吕洁.中间件实现跨校资源整合及技术优势介绍说明[EB/OL].[2008-05-25].http://www.edu.cn/zjj-6573/20080525/t20080525-298480.shtml.
  • 8江淇,王群.Shibboleth系统应用实例分析[J].现代图书情报技术,2007(9):44-48. 被引量:5
  • 9Anonymity. IdP and SP security advisory 20111024[EB/ OL]. [2001-02-15]. http://shibboleth.intemet2.edu/.
  • 10Google. Overview: Real Time Protocols for Brower-based Applications draft-ietf-rtcweb-overview-02[DB/OL]. (2011-9-28)[2012-12-4]. http: //tools.ietf.org/html/draft- ietf-rtcweb-overview-02.

引证文献6

二级引证文献11

信息安全与通信保密
2010年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部