作　　者： ; ; ; ;

机构地区： 华北电力大学电气与电子工程学院电子与通信工程系

出　　处： 《电力系统通信》 2006年第5期50-53,62,共5页

摘　　要： 为了解决W eb服务中信息之间的安全传输,需要引入一种安全有效的用户身份认证机制。文章首先分析了W eb服务中的安全性问题及传统的W eb服务认证机制,然后引入了解决问题的办法,即安全声明标记语言(SAML),介绍了SAML的三种断言、体系结构及应用现状,给出了利用SAML实现身份认证的系统结构及认证过程,实现了客户方、身份验证方、目标站点方三方之间声明信息的安全传输,最后指出SAML认证技术的优势及其发展前景。 In order to solve the problem of the information safe transmission between Web Services, an effective authentication mechanism needs to be imported. At first the security problems and traditional authentication mechanism in Web Services are analyzed in the paper. A solution to these problems, i.e. Security Assertion Markup Language （SAML） is introduced. Three types of SAML assertions,the architecture of SAML and its applied status are described. The SAML based system configuration and the process which realizes identity authentication is presented, the safe transmission of the assertion information among the client, the identification authority and the destination is realized. Finally,the advantage of SAML based authentication technology and the development prospect are given.

关 键 词： 安全声明标记语言 安全 身份认证 单点登录

领　　域： [自动化与计算机技术] [自动化与计算机技术]