摘要
随着Web 2.0时代到来,不同厂商的Web应用出现了服务开放化和交叉化的趋势。在这种情况下,用户的个人授权信息是不同厂商建立联系的唯一纽带,我们需要一种安全的信息交互和授权机制来保护个人信息不泄露给第三方。本文着重分析了结合使用OpenID和OAuth两个开放协议进行用户信息安全授权的过程,并列举了可能出现的风险和防范方法。
With the Web 2.0 era, there is a trend of opening up of services and digitalizing cross by Web applications from different vendors. In this case, personal information of users is authorized by different manufacturers which is the only contact link built by them. A safe information interaction and authorization mechanism are needed to protect personal information without leaking to the third party. This paper focuses on analyzing the process of users information security authorized by combining two open protocols OpenID and OAuth, and listing the possible risks and prevention methods.
出处
《武汉商业服务学院学报》
2011年第5期90-93,共4页
Journal of Wuhan Commercial Service College
