CN111447194B - Method for enhancing single sign-on security by using digital certificate - Google Patents
Method for enhancing single sign-on security by using digital certificate Download PDFInfo
- Publication number
- CN111447194B CN111447194B CN202010208157.9A CN202010208157A CN111447194B CN 111447194 B CN111447194 B CN 111447194B CN 202010208157 A CN202010208157 A CN 202010208157A CN 111447194 B CN111447194 B CN 111447194B
- Authority
- CN
- China
- Prior art keywords
- client
- single sign
- certificate
- application
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000002708 enhancing effect Effects 0.000 title claims abstract description 16
- 238000012795 verification Methods 0.000 claims description 13
- 238000013475 authorization Methods 0.000 claims description 8
- 239000000284 extract Substances 0.000 claims description 3
- 235000014510 cooky Nutrition 0.000 description 2
- 244000035744 Hura crepitans Species 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010208157.9A CN111447194B (en) | 2020-03-23 | 2020-03-23 | Method for enhancing single sign-on security by using digital certificate |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010208157.9A CN111447194B (en) | 2020-03-23 | 2020-03-23 | Method for enhancing single sign-on security by using digital certificate |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111447194A CN111447194A (en) | 2020-07-24 |
CN111447194B true CN111447194B (en) | 2022-03-29 |
Family
ID=71653386
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010208157.9A Active CN111447194B (en) | 2020-03-23 | 2020-03-23 | Method for enhancing single sign-on security by using digital certificate |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111447194B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547343A (en) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | A Single Sign On method based on digital certificate |
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN103560888A (en) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | Digital certificate-based unified authentication login method for integrating multiple application systems |
CN107819564A (en) * | 2016-09-10 | 2018-03-20 | 湖南移商动力网络技术有限公司 | A kind of design method of the single-node login system based on Public Key Infrastructure |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8185938B2 (en) * | 2001-03-29 | 2012-05-22 | International Business Machines Corporation | Method and system for network single-sign-on using a public key certificate and an associated attribute certificate |
-
2020
- 2020-03-23 CN CN202010208157.9A patent/CN111447194B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547343A (en) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | A Single Sign On method based on digital certificate |
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN103560888A (en) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | Digital certificate-based unified authentication login method for integrating multiple application systems |
CN107819564A (en) * | 2016-09-10 | 2018-03-20 | 湖南移商动力网络技术有限公司 | A kind of design method of the single-node login system based on Public Key Infrastructure |
Non-Patent Citations (1)
Title |
---|
一种基于证书的单点登录方案设计;张旋;《信息技术》;20120825(第8期);第175-177页 * |
Also Published As
Publication number | Publication date |
---|---|
CN111447194A (en) | 2020-07-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1777096B (en) | Password protection method and device | |
KR100990320B1 (en) | Method and system for providing client privacy when requesting content from a public server | |
CN102017578B (en) | Network helper for authentication between a token and verifiers | |
US6732270B1 (en) | Method to authenticate a network access server to an authentication server | |
US20080235513A1 (en) | Three Party Authentication | |
KR20190114434A (en) | Method for oauth service through blockchain, and terminal and server using the same | |
US20110213959A1 (en) | Methods, apparatuses, system and related computer program product for privacy-enhanced identity management | |
US20090106548A1 (en) | Method for controlling secured transactions using a single physical device, corresponding physical device, system and computer program | |
MX2012011105A (en) | Certificate authority. | |
KR20190114432A (en) | Method for oauth service through blockchain, and terminal and server using the same | |
KR20190114433A (en) | Method for oauth service through blockchain, and terminal and server using the same | |
EP2827529B1 (en) | Method, device, and system for identity authentication | |
KR20210095093A (en) | Method for providing authentification service by using decentralized identity and server using the same | |
CN110636051A (en) | Block chain transaction method based on multi-user CA digital certificate | |
CN112383401B (en) | User name generation method and system for providing identity authentication service | |
CN113259350A (en) | Cryptographic user authorization and authentication system based on key generation algorithm | |
KR20210095061A (en) | Method for providing authentification service by using decentralized identity and server using the same | |
US20090055917A1 (en) | Authentication method and authentication system using the same | |
EP2359525B1 (en) | Method for enabling limitation of service access | |
CN111447194B (en) | Method for enhancing single sign-on security by using digital certificate | |
CN102769606B (en) | A kind of network digital identity identifying method based on gene certificate | |
CN111723347B (en) | Identity authentication method, identity authentication device, electronic equipment and storage medium | |
EP3178073B1 (en) | Security management system for revoking a token from at least one service provider terminal of a service provider system | |
EP3035589A1 (en) | Security management system for authenticating a token by a service provider server | |
AU2015271650A1 (en) | Identity verification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information |
Inventor after: Chen Lei Inventor after: Zhang Xiaoyu Inventor after: Gao Dongqi Inventor after: Zhang Qitao Inventor after: Zhu Litong Inventor after: Zhu Feng Inventor after: Qiu Yuan Inventor after: Zhao Weiming Inventor before: Chen Lei Inventor before: Zhang Xiaoyu Inventor before: Gao Dongqi Inventor before: Zhang Qitao |
|
CB03 | Change of inventor or designer information |