{"title":"Centralized Control of Account Migration at Single Sign-On in Shibboleth","authors":"Satsuki Nishioka, Y. Okabe","doi":"10.1109/COMPSAC48688.2020.00-27","DOIUrl":null,"url":null,"abstract":"Single Sign-On (SSO) is adopted to use multiple services with a single log-in in the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating of the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP), and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we especially focus on Shibboleth's function as an SSO service. And we propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in SSO environment. Also we implement the mechanism as an open source software using SimpleSAMLphp.","PeriodicalId":430098,"journal":{"name":"2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC48688.2020.00-27","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 4
Abstract
Single Sign-On (SSO) is adopted to let users access multiple services on the Internet with a single log-in. However, when a user changes the identity provider (IdP) responsible for authenticating the user, the user must release the binding between the log-in account on the migration-source IdP and the service account on each service provider (SP), and must set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system that supports this migration using the SSO function. In this research, we focus on Shibboleth's function as an SSO service, and we propose a protocol to migrate a user's accounts on multiple SPs at once using an attribute provider (AP) in an SSO environment. We also implement the mechanism as open source software using SimpleSAMLphp.