一种基于Cookie的跨域单点登录方案设计
针对多应用系统下用户需多次进行身份认证导致工作效率较低及系统安全性差的问题,提出了一种基于Cookie的跨域单点登录方案。用户可以在不同域内的应用系统间安全有效地实现“一处登录,多处访问”。给出了方案的总体模型,分析了登录流程,解释了跨域的实现,详细地说明了双向认证过程,保证通信双方的身份合法性。引入角色认证管理,降低了单点登录系统与应用系统的耦合。...
Saved in:
| Published in | 计算机工程与科学 Vol. 39; no. 7; pp. 1295 - 1299 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | Chinese |
| Published |
中南大学信息科学与工程学院,湖南长沙,410083
2017
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1007-130X |
| DOI | 10.3969/j.issn.1007-130X.2017.07.014 |
Cover
| Summary: | 针对多应用系统下用户需多次进行身份认证导致工作效率较低及系统安全性差的问题,提出了一种基于Cookie的跨域单点登录方案。用户可以在不同域内的应用系统间安全有效地实现“一处登录,多处访问”。给出了方案的总体模型,分析了登录流程,解释了跨域的实现,详细地说明了双向认证过程,保证通信双方的身份合法性。引入角色认证管理,降低了单点登录系统与应用系统的耦合。 |
|---|---|
| Bibliography: | Aiming at the problem of low efficiency and poor system security due to the multiple au thentication of users under multiple application systems, we propose a cookie-based cross-domain single sign-on scheme. Users can login once but access multiple systems in different domains. We provide the overall model of the scheme, analyze the login process and explain the implementation of the cross-domain. The mutual authentication is explained in details, which ensures the legitimate identity of both sides of communication. The management of role-identity is added to reduce the coupling between single sign-on systems and web application systems. single sign-on ; mutual authentication ; ticket ; role management 43-1258/TP GUO Hao, WANG Guo-cai, LUO Pin (School of Information Science and Engineering,Central South University,Changsha 410083, China) |
| ISSN: | 1007-130X |
| DOI: | 10.3969/j.issn.1007-130X.2017.07.014 |