摘要: Kerberos单点登录协议存在口令猜测、重放攻击、缺乏认证等安全问题,该文以Kerberos协议为基础,设计一种新的单点登录协议,该协议修改了Kerberos协议的框架,引入一次性口令和授权服务机制,解决了Kerberos协议存在的问题,提供一种更安全、且扩展性强的单点登录协议。
关键词:
单点登录,
Kerberos协议,
一次性口令,
协议安全性
Abstract: Kerberos protocol has some security problems, such as password guess, replay attack, and absent authentication. This paper designs a new Single Sign-On(SSO) protocol based on Kerberos. The SSO protocol modifies Kerberos’s framework, which solves Kerberos problem by using one time password and authorization. The new SSO protocol is a more secure and expansibile protocol.
Key words:
Single Sign-On(SSO),
Kerberos protocol,
one time password,
protocol security
中图分类号:
李继勇;陶 然. 一种单点登录协议的设计[J]. 计算机工程, 2008, 34(14): 152-154.
LI Ji-yong; TAO Ran. Design of Single Sign-On Protocol[J]. Computer Engineering, 2008, 34(14): 152-154.