A Supporting Multi-mode Application Single Sign-On Scheme Based on PKI/PMI

doi:10.13190/jbupt.200903.104.lixb

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2009, Vol. 32 ›› Issue (3): 104-108.doi: 10.13190/jbupt.200903.104.lixb

• Reports • Previous Articles Next Articles

A Supporting Multi-mode Application Single Sign-On Scheme Based on PKI/PMI

LI Xiao-biao

Received:2008-11-13 Revised:2009-01-31 Online:2009-06-28 Published:2009-06-28
Contact: Xiaobiao Li

Abstract

Abstract:

A single sign-on scheme is proposed supporting C/S applications and B/S applications. Authentication and authorization based on the PKI and PMI, the service is implemented by means of middleware to achieve the functions of authentication, authorization and auditing, and SAML to support the exchange of the authentication and authorization information; secure Cookies, shared memory and the technique of tickets are used in the client to achieve the multi-mode and cross-domain SSO solution. The scheme has a higher security, more comprehensive solution to the multi-mode SSO and therefore has a broad prospect.

Key words: single sign-on(SSO), multi-mode application, cross-domain authentication

LI Xiao-biao. A Supporting Multi-mode Application Single Sign-On Scheme Based on PKI/PMI[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(3): 104-108.

References

[1] 林满山, 郭荷清. 单点登录技术的现状及发展[J]. 计算机应用, 2004, 24(6): 248-250. Lin Manshan, Guo Heqing. The present situation and development of single sign-on technology[J]. Computer Applications, 2004, 24(6): 248-250.
[2] 张颖江, 郑秋华, 李腊元. 单次登录技术分析及集中身份认证平台设计. 武汉理工大学学报(交通科学与工程版), 2004, 28(2): 240-243. Zhang Yingjiang, Zheng Qiuhua, Li Layuan. Analysis of single sign-on technique and design of central authentication platform[J]. Journal of Wuhan University of Technology(Transportation Science & Engineering), 2004, 28(2): 240-243.
[3] 王薇, 张红旗, 张斌, 等. 基于PKI/PMI的多域单点登录研究[J]. 微计算机信息, 2006, 22(21): 150-152. Wang Wei, Zhang Hongqi, Zhang Bin, et al. Research of multiple domain single sign-on based on PKI/PMI[J]. Microcomputer Information, 2006, 22(21): 150-152.
[4] 黄琛, 李忠献, 杨义先, 等. 一种新的兼容多种身份认证方式的Web单点登录方案[J]. 北京邮电大学学报, 2006, 29(5): 130-134. Huang Chen, Li Zhongxian, Yang Yixian, et al. A new web single sign-on scheme supporting the multiple authentication modes[J]. Journal of Beijing University of Posts and Telecommunications, 2006, 29(5): 130-134.
[5] 陈东, 尹建伟. 支持多模式应用的分布式SSO系统设计与实现[J]. 计算机应用研究, 2007, 24(4): 276-278. Chen Dong, Yin Jianwei. Design and realization of distributed SSO system supporting multi-mode application[J]. Application Research of Computers, 2007, 24(4): 276-278.
[6] Liu A X, Huang C T, Gouda M G. A secure cookie protocol//Proceedings of IEEE ICCCN'05. San Diego: IEEE Press, 2005: 333-338.
[7] Park J S, Sandhu R. Secure cookies on the Web[J]. IEEE Internet Computing, 2000, 4(4): 36-44.

A Supporting Multi-mode Application Single Sign-On Scheme Based on PKI/PMI

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 1

Recommended Articles

Metrics

Comments