摘要: 针对身份管理系统的功能需求以及不同身份管理系统间的融合需求,提出一种通用的身份模型。该模型由用户全局身份标识、本地身份标识、临时身份标识、访问信息组、用户凭证组、用户属性组、可信域组所组成。在此基础上,给出该模型的分阶段构建流程,完成属性和凭证信息的搜集工作以及可信域和访问信息的更新工作。应用结果表明,该模型对现有身份管理系统的融合、身份保护等功能提供了技术支持。
关键词:
通用身份模型,
身份管理,
构建流程,
信任代理
Abstract: Aiming to satisfy identity management function requirements such as federal cross domain access, trust delegation and privacy protection, and the requirements of integration among different identity management systems, it proposes a general identity model in this paper. These models consist of global identifier, local identifier, temp identifier, access information set, credential set, attribute set and trusted domain set. Then the construction process of this model which includes two stages is shown, the collection of attributes and credentials, the update of trusted domains and access information is finished during these two stages. Application result shows that this model provides good support for current identity management systems to implement integration and identity protection.
Key words:
general identity model,
identity management,
construction process,
trust agency
中图分类号:
曹源, 杨林, 付宗波, 喻波, 徐小青. 一种通用的身份模型及其构建流程[J]. 计算机工程, 2012, 38(3): 119-120,123.
CAO Yuan, YANG Lin, FU Zong-Bei, YU Bei, XU Xiao-Jing. General Identity Model and Its Construction Process[J]. Computer Engineering, 2012, 38(3): 119-120,123.