Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for single sign on

A single sign-on, application system technology, applied in user identity/authority verification, electrical components, transmission systems, etc., to solve problems such as user login failures

Inactive Publication Date: 2010-12-01
SIEMENS CHINA
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Conversely, if validation fails, e.g. invalid timestamp, user login fails

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for single sign on
  • Method and device for single sign on
  • Method and device for single sign on

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] exist figure 2 In the shown Kerberos scheme, in order to avoid replay attacks, the requirements for time verification are relatively strict. Therefore, the Kerberos scheme requires clock synchronization between the SSO initiator 210 and the SSO server 230 . In other words, in figure 1 In the environment shown, the user terminal 110 that may be the SSO initiator and each application system 120 need to be synchronized with the clock of the SSO server. This point is usually difficult to achieve in practical applications. Therefore, it is necessary to propose an SSO solution that does not require clock synchronization.

[0029] A simple and effective solution to avoid clock synchronization is to enable the SSO initiator to obtain the system time T of the SSO server sso , and the SSO initiator calculates T sso with local time T init time offset ΔT between them, and then use this calculated time offset ΔT to correct the timestamp T in the access request to the SSO rece...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a device for single sign on (SSO). The method comprises the following steps that: an SSO initiator acquires a system time Tsso of an SSO server; the SSO initiator calculates a time offset deltaT between the Tsso and a local time Tinit; and the SSO initiator modifies a time stamp Tts in an access request sent to an SSO acceptor by using the calculated time offset deltaT. The time offset deltaT can effectively solve the problems caused by the clock asynchronization between the SSO initiator and the SSO server. Therefore, the method of the invention can realize a secure SSO mechanism without the clock synchronization and avoid interception and replay attack.

Description

technical field [0001] The present invention relates to a single sign-on (SSO: Single Sign On) technology, in particular to a single sign-on technology without clock synchronization. Background technique [0002] Single sign-on, referred to as SSO, is a security login mechanism proposed to facilitate users to access multiple application systems (such as enterprise resource planning (ERP) systems or office automation systems, etc.). With SSO, users only need to log in once (that is, enter a user name and password once) to access multiple mutually trusted but independent application systems. [0003] Various solutions for implementing the SSO mechanism have been proposed so far. These solutions can be roughly divided into two categories, namely, password synchronization schemes and ticket schemes. [0004] In the password synchronization scheme, the SSO processing module pre-stores a master password for a user and multiple slave passwords corresponding to it for multiple app...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04L29/06
Inventor 刘彦刘康
Owner SIEMENS CHINA