{"title":"使用集中认证和授权服务的Web应用程序的多层安全层次结构","authors":"H. Naito, S. Kajita, Y. Hirano, K. Mase","doi":"10.1109/SAINT-W.2007.80","DOIUrl":null,"url":null,"abstract":"The central authentication service (CAS) is a middleware for constructing a single sign on infrastructure for Web applications and has been developed by JA-SIG. In this paper, we investigate a multiple-tiered security hierarchy infrastructure for Web applications, by extending CAS to the central authentication and authorization service (CAS2). Since the new version of CAS (CAS3) supports the X.509 client certificate authentication, we use it as leverage to realize our multiple-tiered security hierarchy mechanism. As a result, CAS2 uses X.509 client certification for not only authentication, but also authorization","PeriodicalId":254195,"journal":{"name":"2007 International Symposium on Applications and the Internet Workshops","volume":"520 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Multiple-Tiered Security Hierarchy for Web Applications Using Central Authentication and Authorization Service\",\"authors\":\"H. Naito, S. Kajita, Y. Hirano, K. Mase\",\"doi\":\"10.1109/SAINT-W.2007.80\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The central authentication service (CAS) is a middleware for constructing a single sign on infrastructure for Web applications and has been developed by JA-SIG. In this paper, we investigate a multiple-tiered security hierarchy infrastructure for Web applications, by extending CAS to the central authentication and authorization service (CAS2). Since the new version of CAS (CAS3) supports the X.509 client certificate authentication, we use it as leverage to realize our multiple-tiered security hierarchy mechanism. As a result, CAS2 uses X.509 client certification for not only authentication, but also authorization\",\"PeriodicalId\":254195,\"journal\":{\"name\":\"2007 International Symposium on Applications and the Internet Workshops\",\"volume\":\"520 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-01-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Symposium on Applications and the Internet Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAINT-W.2007.80\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Symposium on Applications and the Internet Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAINT-W.2007.80","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Multiple-Tiered Security Hierarchy for Web Applications Using Central Authentication and Authorization Service
The central authentication service (CAS) is a middleware for constructing a single sign on infrastructure for Web applications and has been developed by JA-SIG. In this paper, we investigate a multiple-tiered security hierarchy infrastructure for Web applications, by extending CAS to the central authentication and authorization service (CAS2). Since the new version of CAS (CAS3) supports the X.509 client certificate authentication, we use it as leverage to realize our multiple-tiered security hierarchy mechanism. As a result, CAS2 uses X.509 client certification for not only authentication, but also authorization