摘要： 针对目前单点登录应用于Web服务安全时存在的问题，结合WS-Security和SAML规范提出一个Web服务身份认证和授权的单点登录模型，描述该模型的单点登录过程及实现，对其安全性进行了分析并给出了相应的安全策略。该系统模型具有兼容性、容易部署及良好的可扩展性等特点。

关键词: 单点登录, Web服务, 安全断言标记语言, Web服务安全性

Abstract: Aiming at current existed problems of single sign-on applied to Web services security, this paper puts forward a single sign-on model for Web services authentication and authorization with the help of WS-Security and SAML, and analyzes the flow and security of this single sign-on system. The system has compatibility and better expansibility it can be deployed easily.

Key words: single sign-on, Web services, Security Assertion Markup Language(SAML), WS-security

中图分类号: 

• TP393.08