CN111447194B - 一种利用数字证书增强单点登录安全性的方法 - Google Patents
一种利用数字证书增强单点登录安全性的方法 Download PDFInfo
- Publication number
- CN111447194B CN111447194B CN202010208157.9A CN202010208157A CN111447194B CN 111447194 B CN111447194 B CN 111447194B CN 202010208157 A CN202010208157 A CN 202010208157A CN 111447194 B CN111447194 B CN 111447194B
- Authority
- CN
- China
- Prior art keywords
- client
- single sign
- certificate
- application
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000002708 enhancing effect Effects 0.000 title claims abstract description 16
- 238000012795 verification Methods 0.000 claims description 13
- 238000013475 authorization Methods 0.000 claims description 8
- 239000000284 extract Substances 0.000 claims description 3
- 235000014510 cooky Nutrition 0.000 description 2
- 244000035744 Hura crepitans Species 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010208157.9A CN111447194B (zh) | 2020-03-23 | 2020-03-23 | 一种利用数字证书增强单点登录安全性的方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010208157.9A CN111447194B (zh) | 2020-03-23 | 2020-03-23 | 一种利用数字证书增强单点登录安全性的方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111447194A CN111447194A (zh) | 2020-07-24 |
CN111447194B true CN111447194B (zh) | 2022-03-29 |
Family
ID=71653386
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010208157.9A Active CN111447194B (zh) | 2020-03-23 | 2020-03-23 | 一种利用数字证书增强单点登录安全性的方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111447194B (zh) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547343A (zh) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | 一种基于数字证书的单点登录方法 |
CN102111410A (zh) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | 一种基于代理的单点登录方法及*** |
CN103560888A (zh) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | 一种基于数字证书实现集成多个应用***统一认证登录的方法 |
CN107819564A (zh) * | 2016-09-10 | 2018-03-20 | 湖南移商动力网络技术有限公司 | 一种基于公开密钥基础设施的单点登录***的设计方法 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8185938B2 (en) * | 2001-03-29 | 2012-05-22 | International Business Machines Corporation | Method and system for network single-sign-on using a public key certificate and an associated attribute certificate |
-
2020
- 2020-03-23 CN CN202010208157.9A patent/CN111447194B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547343A (zh) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | 一种基于数字证书的单点登录方法 |
CN102111410A (zh) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | 一种基于代理的单点登录方法及*** |
CN103560888A (zh) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | 一种基于数字证书实现集成多个应用***统一认证登录的方法 |
CN107819564A (zh) * | 2016-09-10 | 2018-03-20 | 湖南移商动力网络技术有限公司 | 一种基于公开密钥基础设施的单点登录***的设计方法 |
Non-Patent Citations (1)
Title |
---|
一种基于证书的单点登录方案设计;张旋;《信息技术》;20120825(第8期);第175-177页 * |
Also Published As
Publication number | Publication date |
---|---|
CN111447194A (zh) | 2020-07-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1777096B (zh) | 用于口令保护的方法和设备 | |
KR100990320B1 (ko) | 공용 서버로부터 콘텐츠를 요청할 때 클라이언트프라이버시를 제공하는 방법 및 시스템 | |
CN102017578B (zh) | 用于在令牌与验证器之间进行认证的网络助手 | |
US6732270B1 (en) | Method to authenticate a network access server to an authentication server | |
US20080235513A1 (en) | Three Party Authentication | |
KR20190114434A (ko) | 블록체인 기반의 권한 인증 방법, 단말 및 이를 이용한 서버 | |
US10263782B2 (en) | Soft-token authentication system | |
US20110213959A1 (en) | Methods, apparatuses, system and related computer program product for privacy-enhanced identity management | |
US20090106548A1 (en) | Method for controlling secured transactions using a single physical device, corresponding physical device, system and computer program | |
MX2012011105A (es) | Autoridad de certificado. | |
KR20190114432A (ko) | 블록체인 기반의 권한 인증 방법, 단말 및 이를 이용한 서버 | |
KR20190114433A (ko) | 블록체인 기반의 권한 인증 방법, 단말 및 이를 이용한 서버 | |
EP2827529B1 (en) | Method, device, and system for identity authentication | |
KR20210095093A (ko) | 탈중앙화 아이디 앱을 이용하여 인증 서비스를 제공하는 방법 및 이를 이용한 탈중앙화 아이디 인증 서버 | |
CN110636051A (zh) | 一种基于多用户ca数字证书的区块链交易方法 | |
CN112383401B (zh) | 一种提供身份鉴别服务的用户名生成方法及*** | |
CN113259350A (zh) | 一种基于密钥生成算法的密码学用户授权认证*** | |
KR20210095061A (ko) | 탈중앙화 아이디 앱을 이용하여 인증 서비스를 제공하는 방법 및 이를 이용한 탈중앙화 아이디 인증 서버 | |
US20090055917A1 (en) | Authentication method and authentication system using the same | |
EP2359525B1 (en) | Method for enabling limitation of service access | |
CN111447194B (zh) | 一种利用数字证书增强单点登录安全性的方法 | |
CN102769606B (zh) | 一种基于基因证书的网络数字身份认证方法 | |
CN111723347B (zh) | 身份认证方法、装置、电子设备及存储介质 | |
EP3178073B1 (en) | Security management system for revoking a token from at least one service provider terminal of a service provider system | |
EP3035589A1 (en) | Security management system for authenticating a token by a service provider server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information |
Inventor after: Chen Lei Inventor after: Zhang Xiaoyu Inventor after: Gao Dongqi Inventor after: Zhang Qitao Inventor after: Zhu Litong Inventor after: Zhu Feng Inventor after: Qiu Yuan Inventor after: Zhao Weiming Inventor before: Chen Lei Inventor before: Zhang Xiaoyu Inventor before: Gao Dongqi Inventor before: Zhang Qitao |
|
CB03 | Change of inventor or designer information |