A Single Sign-On Scheme Based on Public-Key Infrastructure

碩士 === 國立交通大學 === 資訊科學系 === 89 === In a distributed environment, all information are exposed in the public networks. Some of the information are perhaps transactions and some are users'' passwords. Besides, the identities of communicating parties are also under the...

Full description

Bibliographic Details
Main Authors: Chien-Ta Chu, 朱建達
Other Authors: Wen-Guey Tzeng
Format: Others
Language:zh-TW
Published: 2001
Online Access:http://ndltd.ncl.edu.tw/handle/12922625668276004923
Description
Summary:碩士 === 國立交通大學 === 資訊科學系 === 89 === In a distributed environment, all information are exposed in the public networks. Some of the information are perhaps transactions and some are users'' passwords. Besides, the identities of communicating parties are also under the danger of being masqueraded. A lot of research, such as Kerberos and SESAME, have been devoted to solve these problems. In a heterogeneous environment, all computer hosts are not the same machine type and all login procedures are not the same. When a user is going to login into different computers, he has to use different pairs of identity and password. During the procedure of login, these information might be intercepted resulting in a leakage. ''Single Sign-On'''' is the solution to reduce the complexity of the login procedure. In this paper, we not only investigated two representative authentication services but also proposed a similar scheme, which is integrated with PKI and Single Sign-On. Our scheme works as following: the user logins once using a Smart Card and uses different services without entering password again. We adopt ''Role-Based Access Control'''' to manage privilege, and that results more flexibility in management.