Token-based cross domain single sign on

doi:10.3724/SP.J.1087.2012.01766

Journal of Computer Applications ›› 2012, Vol. 32 ›› Issue (06): 1766-1768.DOI: 10.3724/SP.J.1087.2012.01766

• Typical applications • Previous Articles Next Articles

Token-based cross domain single sign on

WANG Guo-wei¹,XUE Man-jun²

1. School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo Henan 454000, China
2. School of Architectural and Artistic Design, Henan Polytechnic University, Jiaozuo Henan 454000, China

Received:2011-11-29 Revised:2012-01-25 Online:2012-06-04 Published:2012-06-01
Contact: WANG Guo-wei

基于票据的跨域单点登录

王国伟¹,薛曼君²

1. 河南理工大学计算机科学与技术学院，河南焦作 454000
2. 河南理工大学建筑与艺术设计学院，河南焦作 454000

通讯作者: 王国伟
作者简介:王国伟（1979-），男，河南平顶山人，讲师，硕士，主要研究方向：分布式系统架构、网络安全；〓薛曼君（1982-），女，河南焦作人，讲师，硕士，主要研究方向：计算机图形处理。
基金资助:
河南省软科学研究计划项目;河南理工大学青年基金重点资助项目

Abstract

Abstract: To resolve the problems of cross domain identity authentication in single sign on, a solution based on token was proposed, which transmit the encrypted logon information of user through URL redirection, and then the application systems in heterogeneous domains get the information and response data operation. By using random digital number as token that can be act as the parameter to generate session key of traditional cryptosystem, the solution presents a method of mutual trust and security token transmission between application systems in heterogeneous domains through modern cryptosystem, in this method the application systems generate the session key by using token and encrypt/decrypt the user information, and each communication use different session key. The security analysis of the generation and transmission of token and key shows that the solution is a security implementation of identity authentication in cross domain single sign on.

Key words: single sign on, cross domain, key, authentication, token

摘要： 针对单点登录中的跨域身份认证问题，提出了一种基于票据的解决方案，以地址重定向的方式传递加密用户登录信息，异域应用系统获取用户信息并提供数据操作服务。使用随机数字生成票据，并作为生成传统加密算法会话密钥的参数，采用现代加密算法实现异域系统之间的互信并安全传递票据，异域应用系统根据票据产生会话密钥，加密并传输用户登录信息，每次会话产生新的密钥。通过对票据产生和传输以及密钥的安全性分析，可以实现跨域单点登录的功能并保证身份认证安全可信。

关键词: 单点登录, 跨域, 密钥, 认证, 票据

CLC Number:

TP393.02

WANG Guo-wei XUE Man-jun. Token-based cross domain single sign on[J]. Journal of Computer Applications, 2012, 32(06): 1766-1768.

王国伟薛曼君. 基于票据的跨域单点登录[J]. 计算机应用, 2012, 32(06): 1766-1768.

[1]	Xudong LI, Yukang FENG, Junsheng CHEN. Multi-key page-level encryption system for SQLite [J]. Journal of Computer Applications, 2024, 44(9): 2791-2801.
[2]	Haoyu ZHAO, Ziqiang YU, Xiaomeng CHEN, Guoxiang CHEN, Hui ZHU, Bohan LI. Top-K optimal route query problem with keyword search support [J]. Journal of Computer Applications, 2024, 44(8): 2455-2465.
[3]	Xiaoling SUN, Danhui WANG, Shanshan LI. Dynamic ciphertext sorting and retrieval scheme based on blockchain [J]. Journal of Computer Applications, 2024, 44(8): 2500-2505.
[4]	Guiyong LI, Bin HE, Lei FANG. Key generation algorithm based on cyclic grouping of difference thresholds [J]. Journal of Computer Applications, 2024, 44(7): 2110-2115.
[5]	Yue LI, Dan TANG, Minjun SUN, Xie WANG, Hongliang CAI, Qiong ZENG. Efficient reversible data hiding scheme based on two-dimensional modulo operations [J]. Journal of Computer Applications, 2024, 44(6): 1880-1888.
[6]	Yaxing BING, Yangping WANG, Jiu YONG, Haomou BAI. Six degrees of freedom object pose estimation algorithm based on filter learning network [J]. Journal of Computer Applications, 2024, 44(6): 1920-1926.
[7]	Dongju YANG, Chengfu HU. Keyword extraction method for scientific text based on improved TextRank [J]. Journal of Computer Applications, 2024, 44(6): 1720-1726.
[8]	Yanjun LI, Xiaoyu JING, Huiqin XIE, Yong XIANG. Security analysis of PFP algorithm under quantum computing model [J]. Journal of Computer Applications, 2024, 44(4): 1166-1171.
[9]	Xinyuan YIN, Xiaojian ZHENG, Jinbo XIONG. Two-round three-party password-authenticated key exchange protocol over lattices without non-interactive zero-knowledge proof [J]. Journal of Computer Applications, 2024, 44(3): 805-810.
[10]	Deyuan LIU, Jingquan ZHANG, Xing ZHANG, Wunan WAN, Shibin ZHANG, Zhi QIN. Cross-chain identity authentication scheme based on certificate-less signcryption [J]. Journal of Computer Applications, 2024, 44(12): 3731-3740.
[11]	Yong XIANG, Yanjun LI, Dingyun HUANG, Yu CHEN, Huiqin XIE. Differential and linear characteristic analysis of full-round Shadow algorithm [J]. Journal of Computer Applications, 2024, 44(12): 3839-3843.
[12]	Ruiyan LIANG, Hui YANG. Lightweight fall detection algorithm framework based on RPEpose and XJ-GCN [J]. Journal of Computer Applications, 2024, 44(11): 3639-3646.
[13]	Xukang KAN, Gefei SHI, Xuerong YANG. ORB-SLAM2 algorithm based on dynamic feature point filtering and optimization of keyframe selection [J]. Journal of Computer Applications, 2024, 44(10): 3185-3190.
[14]	Jianyang CUI, Ying CAI, Yu ZHANG, Yanfang FAN. Authenticatable privacy-preserving scheme based on signcryption from lattice for vehicular ad hoc network [J]. Journal of Computer Applications, 2024, 44(1): 233-241.
[15]	Juangui NING, Guofang DONG. Blockchain-based vehicle-to-infrastructure fast handover authentication scheme in VANET [J]. Journal of Computer Applications, 2024, 44(1): 252-260.

Token-based cross domain single sign on

基于票据的跨域单点登录

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics