Multi-Layered Cross-IDP SSO in SAML-based Architecture

Author: Chang-Jung Chang, 張長蓉
Year of publication: 2007
Document type: degree thesis ; thesis
Description: 95
The development of Web services enables users to access network resources quickly and in a timely manner. With the rise of electronic commerce, Web services use XML to transmit information so that they can adapt to every kind of development environment. To address the information security problem, the Security Assertion Markup Language (SAML), an XML-based framework, was developed in 2002 by OASIS (the Organization for the Advancement of Structured Information Standards) to describe and exchange authorization and authentication information between online business partners. SAML explicitly defines several secure confirmation methods, which enhance the security of XML-based architectures. This advantage has led online commercial systems to use SAML widely to achieve Web SSO. In the current SAML SSO mechanism, an identity provider (IDP) integrates several services and manages user information. After logging in at the IDP, the user can access these services: as long as a user has logged in at the authentication center, he does not need to authenticate again and can access these services directly. However, a user has to log in many times, providing valid credentials each time, to use services that are subordinate to different IDPs. To provide users with an integrated, cross-enterprise service, users must also be able to achieve SSO across multiple identity providers. This thesis designs an SSO architecture that achieves cross-IDP identity federation using SAML 1.1.
Database: Networked Digital Library of Theses & Dissertations