CN111447194A - Method for enhancing single sign-on security by using digital certificate - Google Patents
Method for enhancing single sign-on security by using digital certificate Download PDFInfo
- Publication number
- CN111447194A CN111447194A CN202010208157.9A CN202010208157A CN111447194A CN 111447194 A CN111447194 A CN 111447194A CN 202010208157 A CN202010208157 A CN 202010208157A CN 111447194 A CN111447194 A CN 111447194A
- Authority
- CN
- China
- Prior art keywords
- client
- single sign
- certificate
- application
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 230000002708 enhancing effect Effects 0.000 title claims abstract description 17
- 238000012795 verification Methods 0.000 claims description 13
- 238000013475 authorization Methods 0.000 claims description 9
- 239000000284 extract Substances 0.000 claims description 3
- 235000014510 cooky Nutrition 0.000 description 2
- 244000035744 Hura crepitans Species 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
Description
Claims (6)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010208157.9A CN111447194B (en) | 2020-03-23 | 2020-03-23 | Method for enhancing single sign-on security by using digital certificate |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010208157.9A CN111447194B (en) | 2020-03-23 | 2020-03-23 | Method for enhancing single sign-on security by using digital certificate |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111447194A true CN111447194A (en) | 2020-07-24 |
CN111447194B CN111447194B (en) | 2022-03-29 |
Family
ID=71653386
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010208157.9A Active CN111447194B (en) | 2020-03-23 | 2020-03-23 | Method for enhancing single sign-on security by using digital certificate |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111447194B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020144119A1 (en) * | 2001-03-29 | 2002-10-03 | Ibm Corporation | Method and system for network single sign-on using a public key certificate and an associated attribute certificate |
CN1547343A (en) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | A Single Sign On method based on digital certificate |
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN103560888A (en) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | Digital certificate-based unified authentication login method for integrating multiple application systems |
CN107819564A (en) * | 2016-09-10 | 2018-03-20 | 湖南移商动力网络技术有限公司 | A kind of design method of the single-node login system based on Public Key Infrastructure |
-
2020
- 2020-03-23 CN CN202010208157.9A patent/CN111447194B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020144119A1 (en) * | 2001-03-29 | 2002-10-03 | Ibm Corporation | Method and system for network single sign-on using a public key certificate and an associated attribute certificate |
CN1547343A (en) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | A Single Sign On method based on digital certificate |
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN103560888A (en) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | Digital certificate-based unified authentication login method for integrating multiple application systems |
CN107819564A (en) * | 2016-09-10 | 2018-03-20 | 湖南移商动力网络技术有限公司 | A kind of design method of the single-node login system based on Public Key Infrastructure |
Non-Patent Citations (1)
Title |
---|
张旋: "一种基于证书的单点登录方案设计", 《信息技术》 * |
Also Published As
Publication number | Publication date |
---|---|
CN111447194B (en) | 2022-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1777096B (en) | Password protection method and device | |
US7793340B2 (en) | Cryptographic binding of authentication schemes | |
CN102017578B (en) | Network helper for authentication between a token and verifiers | |
US6732270B1 (en) | Method to authenticate a network access server to an authentication server | |
CN108616504B (en) | Sensor node identity authentication system and method based on Internet of things | |
KR20190114434A (en) | Method for oauth service through blockchain, and terminal and server using the same | |
US10263782B2 (en) | Soft-token authentication system | |
US20090106548A1 (en) | Method for controlling secured transactions using a single physical device, corresponding physical device, system and computer program | |
MX2012011105A (en) | Certificate authority. | |
KR20190114433A (en) | Method for oauth service through blockchain, and terminal and server using the same | |
CN107294725A (en) | A kind of three factor authentication methods under environment of multi-server | |
KR20210095093A (en) | Method for providing authentification service by using decentralized identity and server using the same | |
WO2014069985A1 (en) | System and method for identity-based entity authentication for client-server communications | |
EP2827529B1 (en) | Method, device, and system for identity authentication | |
KR20190114432A (en) | Method for oauth service through blockchain, and terminal and server using the same | |
CN110636051A (en) | Block chain transaction method based on multi-user CA digital certificate | |
CN111224784A (en) | Role separation distributed authentication and authorization method based on hardware trusted root | |
CN112383401B (en) | User name generation method and system for providing identity authentication service | |
KR20210095061A (en) | Method for providing authentification service by using decentralized identity and server using the same | |
US20090055917A1 (en) | Authentication method and authentication system using the same | |
EP2359525B1 (en) | Method for enabling limitation of service access | |
CN111447194B (en) | Method for enhancing single sign-on security by using digital certificate | |
EP3178073B1 (en) | Security management system for revoking a token from at least one service provider terminal of a service provider system | |
CN108512832A (en) | A kind of safe Enhancement Method for OpenStack authentications | |
CN111723347B (en) | Identity authentication method, identity authentication device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information |
Inventor after: Chen Lei Inventor after: Zhang Xiaoyu Inventor after: Gao Dongqi Inventor after: Zhang Qitao Inventor after: Zhu Litong Inventor after: Zhu Feng Inventor after: Qiu Yuan Inventor after: Zhao Weiming Inventor before: Chen Lei Inventor before: Zhang Xiaoyu Inventor before: Gao Dongqi Inventor before: Zhang Qitao |
|
CB03 | Change of inventor or designer information |