摘要
由于各种安全服务系统所采用的身份验证和授权机制存在差异,这就为它们之间的信息共享带来了困难,安全声明标记语言(SAML)的出现解决了这一难题。介绍了SAML标准、SAML体系结构,设计了一种基于SAML标准的授权方案,以SAML声明为载体在服务系统间传递用户的认证和授权信息,实现异构系统的权限共享。
Because identity authentication and authorization mechanism adopt by various safe service system exist difference, this brought difficulties for their informations sharing. The emergence of Security Assertion Markup Language (SAML) solved those problems. This text introduced SAML standard, the architecture of SAML, designed an authorization framework based on SAML standard, with theSAML assertion , the framework exchange user' s authentication and authorizationinformation , and realized authority sharing of heterogeneous systems.
出处
《菏泽学院学报》
2007年第5期36-38,82,共4页
Journal of Heze University
关键词
安全声明标记语言
身份认证
授权管理
权限共享
Security Assertion Markup Language (SAML)
identity authentication
authorization
Authority sharing
