摘要
Kerberos单点登录协议存在口令猜测、重放攻击、缺乏认证等安全问题,该文以Kerberos协议为基础,设计一种新的单点登录协议,该协议修改了Kerberos协议的框架,引入一次性口令和授权服务机制,解决了Kerberos协议存在的问题,提供一种更安全、且扩展性强的单点登录协议。
Kerberos protocol has some security problems, such as password guess, replay attack, and absent authentication. This paper designs a new Single Sign-On(SSO) protocol based on Kerberos. The SSO protocol modifies Kerberos's framework, which solves Kerberos problem by using one time password and authorization. The new SSO protocol is a more secure and expansibile protocol.
出处
《计算机工程》
CAS
CSCD
北大核心
2008年第14期152-154,共3页
Computer Engineering