Journal of Networks, Vol 7, No 1 (2012), 165-172, Jan 2012
doi:10.4304/jnw.7.1.165-172

The Design and Implementation of Single Sign-on Based on Hybrid Architecture

Zhigang Liang, Yuhai Chen

Abstract


For the purpose of solving the problems of user repeated logon from various kinds of Application which based on hybrid architecture and in different domains, single sign-on architecture is proposed. On the basis of analyzing the advantages and disadvantages of existing single sign-on models, combined with the key technology like Web Service, Applet and reverse proxy, two core problems such as single sign-on architecture mix B/S and C/S structure applications and cross-domain single sign-on are resolved. Meanwhile, the security and performance of this architecture are well protected since the reverse proxy and related encryption technology are adopted. The results show that this architecture is high performance and it is widely applicable, and it will be applied to practical application soon.



Keywords


single sign-on, web service, cross domain, reverse proxy, B/S, C/S

References


Paker T A. Single Sign-on systems-the technologies and the products [J]. European convention Security and Detection,1995.
http://dx.doi.org/10.1049/cp:19950488

ZHANG Ting,GENG Jixiu. Research and Design ofW eb-based SSO System[J] Computer Simulation 2005,22(8): 128-131

IBM,Microsoft.Security in a Web services world: A proposed architecture and roadmap [EB/OL]. http://www.ibm.com/developerworks/library/ws-secmap/, 2002 -04-07.

Liu Runda,Zhu Yunqiang,,Song Jia,,Feng Min. Implementation of a simple cross domain single sign on system [J] computerapplications 2007,27(2): 288-291.

DENG Yun,CHENG Xiao-hui System design of mobile cross-domain single sign-on[J] Computer Engineering and Design 2010, 31(8): 1667-1672.

LI Xin,ZHANG Jun Design and realization of XKMS model towards web service[J] Computer Engineering and Design 2010, 31(8):1738-1742

JIN Wei-zu,LI Ping-xin Solution Schema for Single Location Invalidation Based on CAS Cluster Computer Engineering 2010,36 (1):51-54

JIN WANG Qi Websites Single Sign-on Based on Reverse Proxy[J] Computer Engineering 2008, 34(14): 138-140.

D.F.Ferraiolo, R Sandhu, S Gavrila, et al. Proposed NIST standard for role-based access control[J]. ACM Transaction on Information and System Security, 2001, 4(3): 224-274.
http://dx.doi.org/10.1145/501978.501980

E.Bertino, P.A.Bonatti. TRBAC: a temporal role-based access control model[J]. ACM Transaction on Information and System Security, 2001, 4(3): 191-223.
http://dx.doi.org/10.1145/501978.501979


Full Text: PDF


Journal of Networks (JNW, ISSN 1796-2056)

Copyright @ 2006-2013 by ACADEMY PUBLISHER – All rights reserved.