摘要
目前,微服务体系架构的应用愈发广泛,很多微服务架构采用OAuth2.0协议实现用户认证授权体系,但该方案存在令牌可能被窃取或恶意篡改等风险。自主可控的国产密码杂凑算法SM3,可应用于基于OAuth2.0的微服务用户认证授权体系中,进一步提高该认证授权体系的安全性。
At present,the application of micro service architecture is more and more extensive.Many micro service architectures use OAuth2.0 protocol to implement user authentication and authorization system,but this scheme has the risk that tokens may be stolen or maliciously tampered with.The independently controllable domestic cryptographic hash algorithm SM3 can be used in the OAuth2.0 based micro service user authentication and authorization system to further improve the security of the authentication and authorization system.
作者
梁正华
弓晓锋
黄琳
周慧
LIANG Zhenghua;GONG Xiaofeng;HUANG Lin;ZHOU Hui(Guizhou Science and Technology Innovation Center Co.,Ltd.,Guiyang Guizhou 550002;Guizhou Science and Technology Information Center,Guiyang Guizhou 550002)
出处
《中国科技纵横》
2023年第24期21-23,共3页
China Science & Technology Overview
基金
SM3国产密码算法在微服务JWT用户认证体系中的研究与应用(黔科合基础[2019]1425号)。