基于信任度的网络应用对等单点登录

华南理工大学学报(自然科学版) ›› 2004, Vol. 32 ›› Issue (10): 56-61.

基于信任度的网络应用对等单点登录

林满山郭荷清尹剑飞高学勤

华南理工大学计算机科学与工程学院广东广州510640

收稿日期:2003-11-13 出版日期:2004-10-20 发布日期:2015-09-08
通信作者: 林满山（1978－）男博士生主要从事企业应用集成中间件方面的研究． E-mail:mshill＠hotmail.com
作者简介:林满山（1978－）男博士生主要从事企业应用集成中间件方面的研究．
基金资助:
国家973高技术研究发展计划基金资助项目（G20000263）

A Trust-based Peer-to-peer Single Sign -on Scheme Between Web -based Applications

Lin Man- shan Guo He- qing Yin Jian- fei Gao Xue- qin

College of Computer Science＆EngineeringSouth China Univ．of Tech．Guangzhou510640GuangdongChina）

Received:2003-11-13 Online:2004-10-20 Published:2015-09-08
Contact: 林满山（1978－）男博士生主要从事企业应用集成中间件方面的研究． E-mail:mshill＠hotmail.com
About author:林满山（1978－）男博士生主要从事企业应用集成中间件方面的研究．

摘要/Abstract

摘要： 为了克服传统的集中式单点登录解决方案中单点失效的缺陷适应企业间单点登录动态性和广泛性的特点基于 Liberty 单点登录协议提出了基于信任度的网络应用对等单点登录模型．通过把对等概念引入单点登录使企业间应用的单点登录范围可以进行动态设定．通过建立单点登录信任模型提出了相应的身份联合和单点登录过程并解决了企业间应用在单点登录情况下的用户个人信息交换策略、授权管理等问题．分析表明企业内部应用间的单点登录适合采用集中式的单点登录；一旦单点登录跨越了企业边界则适合采用基于信任度的对等单点登录；在实际应用中宜采用两者的混合体。

关键词: 对等单点登录, Dempster -Shafer 理论, 信任度模型

Abstract: In order to solve the problem of single point failure in the traditional central single sign-on （SSO） schemeand accommodate to the dynamic and broad SSO across organizationsa trust -based peer -to-peer SSO scheme （P2P-SSO） between Web-based applications was proposed based on the Liberty protocol．In this schemeby introducing theconcept of peer -to-peer into SSOit is possible to dynamically control the boundary of SSO across organizations．Thecorresponding identity federation process and the SSO process were then put forward by establishing a SSO trust schemeand the problems such as the user information exchange strategyauthorization administrationetc．in the SSO across organization scenario were finally solved．The analytical results indicate that the traditional central SSO scheme is adaptable to the SSO within an organization and the P2P-SSO scheme to the SSO across organizationswhile for practical applicationsthe combination of the two schemes is more adaptive.

Key words: peer -to-peer single sign-on, Dempster -Shafer theory, trust model

林满山, 郭荷清, 尹剑飞, 等. 基于信任度的网络应用对等单点登录[J]. 华南理工大学学报(自然科学版), 2004, 32(10): 56-61.

Lin Man- shan, Guo He- qing, Yin Jian- fei, et al. A Trust-based Peer-to-peer Single Sign -on Scheme Between Web -based Applications[J]. Journal of South China University of Technology(Natural Science Edition), 2004, 32(10): 56-61.