| SAML和XACML在单点登录中的应用研究与实现 |
| |
| 引用本文: | 王强,傅德胜.SAML和XACML在单点登录中的应用研究与实现[J].南京气象学院学报,2012,4(2):170-175. |
| |
| 作者姓名: | 王强 傅德胜 |
| |
| 作者单位: | 南京信息工程大学 计算机与软件学院, 南京, 210044;南京信息工程大学 计算机与软件学院, 南京, 210044 |
| |
| 摘 要: | 现代企业中出现的越来越多的应用系统往往各自提供一套身份认证方式,这不仅增加了用户的负担,而且降低了系统安全性.企业内部另一重要的问题是管理员如何控制已验证身份的用户的访问请求.基于SAML的单点登录技术和基于XACML的访问控制技术可以很好地解决这两个问题.在对SAML和XACML规范进行了分析的基础上,提出了一个基于SAML和XACML的单点登录模型,分析了该应用模型的安全性,最后在微软.NET平台上予以实现.
|
| 关 键 词: | 单点登录 身份认证 SAML XACML |
| 收稿时间: | 2010/10/19 0:00:00 |
Application of SAML and XACML in Single Sign-On technology |
| |
| WANG Qiang and FU Desheng.Application of SAML and XACML in Single Sign-On technology[J].Journal of Nanjing Institute of Meteorology,2012,4(2):170-175. |
| |
| Authors: | WANG Qiang and FU Desheng |
| |
| Institution: | School of Computer and Software, Nanjing University of Information Science & Technology, Nanjing 210044;School of Computer and Software, Nanjing University of Information Science & Technology, Nanjing 210044 |
| |
| Abstract: | Most applications in modern enterprises will provide a set of authentication method of their own,which increase the user''s burden and reduce the system security as well.Another serious problem is how to administer access requests of authenticated users.The Single Sign-On(SSO) based on SAML and access control based on XACML can provide a solution for these two problems.Based on the analysis of SAML and XACML specifications,an SSO model based on SAML and XACML is proposed in this paper,and applied on the platform of Microsoft.NET.The model shares user information including ID authentication and access level,which promote interoperability between different security systems and guarantees access control as well.The security of the model is also analyzed. |
| |
| Keywords: | SSO ID authentication SAML XACML |
|
| 点击此处可从《南京气象学院学报》浏览原始摘要信息 |
| 点击此处可从《南京气象学院学报》下载免费的PDF全文 |
|
