摘要
随着网络技术的飞速发展,基于网络平台的应用系统逐渐进入各行各业中,带来巨大收益的同时对安全性提出了更高的要求,需要保证访问其资源的用户具有合法的权限。为了适应多系统平台的发展要求,实现对登录平台的用户信息进行统一认证和管理,文中设计了一个跨域的单点登录系统(CD-SSO),它采用SAML断言作为安全信息定义的标准化格式,通过SOAP消息传递安全元素,利用WS-Security来保障消息的完整性和机密性。它在方便用户访问的同时提供了完善的安全服务机制,可以保证消息和服务的保密性、完整性和有效性。
Because of the network' s openness, systems in the Multisystem Platform (MP) call for a higher security. To solve this problem and provide the users of MP with unified and secure access to resources,it designs a cross-domain single sign-on system (CD-SSO) , with which the users do not need to authenticate identity repeatedly during a multi-service process. It uses SAML assertions as standard- ized format for security information and sends security element through SOAP message and uses WS-Security to protect message integrity and confidentiality. It can guarantee the security while helping users visit.
出处
《计算机技术与发展》
2012年第1期157-160,共4页
Computer Technology and Development
基金
天津市科技支撑计划重点项目(10ZCGYSF01300)
