摘要
为了解决W eb服务中信息之间的安全传输,需要引入一种安全有效的用户身份认证机制。文章首先分析了W eb服务中的安全性问题及传统的W eb服务认证机制,然后引入了解决问题的办法,即安全声明标记语言(SAML),介绍了SAML的三种断言、体系结构及应用现状,给出了利用SAML实现身份认证的系统结构及认证过程,实现了客户方、身份验证方、目标站点方三方之间声明信息的安全传输,最后指出SAML认证技术的优势及其发展前景。
In order to solve the problem of the information safe transmission between Web Services, an effective authentication mechanism needs to be imported. At first the security problems and traditional authentication mechanism in Web Services are analyzed in the paper. A solution to these problems, i.e. Security Assertion Markup Language (SAML) is introduced. Three types of SAML assertions,the architecture of SAML and its applied status are described. The SAML based system configuration and the process which realizes identity authentication is presented, the safe transmission of the assertion information among the client, the identification authority and the destination is realized. Finally,the advantage of SAML based authentication technology and the development prospect are given.
出处
《电力系统通信》
2006年第5期50-53,62,共5页
Telecommunications for Electric Power System
关键词
安全声明标记语言
安全
身份认证
单点登录
Security Assertion Markup Language (SAML)
security
identity authentication
single point log on
