Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2006, Vol. 29 ›› Issue (5): 130-134.doi: 10.13190/jbupt.200605.130.huangch

• Reports • Previous Articles     Next Articles

A New Web Single Sign-On Scheme Supporting the Multiple Authentication Modes

HUANG Chen, LI Zhong-xian, YANG Yi-xian, XU Guo-sheng   

  1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing, 100876, China
  • Received:2005-09-01 Revised:1900-01-01 Online:2006-10-30 Published:2006-10-30
  • Contact: HUANG Chen

Abstract:

Existing single sign-on (SSO) schemes are built on centralized user information storage mechanism and single authentication mode, and it’s hard to meet the requirement of business operations in the dynamic and loose-coupled environment. To solve above problems, the ticket technology, agent mechanism and digital signature are studied, a new better SSO scheme is presented that uses cookie transmission carrier and ticket technology to support multiple authentications SSO, in addition, it establishes a authentication trust chain to support cross-domain SSO based on certificate trust chain. The results show the new scheme provides higher security and wider usage range, while it overcomes the shortcomings of the existing.

Key words: single sign-on, multiple authentication modes, cross-domain authentication, trust chain

CLC Number: