Digital certificate-based unified authentication login method for integrating multiple application systems

Abstract

The invention discloses a digital certificate-based unified authentication login method for integrating multiple application systems. A legal digital certificate signed and issued for a user, an authentication method of the digital certificate replaces an original authentication method of a user name and a password; a unified authentication platform is established, and unified certification service is provided for all the information application systems; the information application systems have access to the platform, login authentication and authorization are performed, and unified authentication login is completed. When the method is used, safety of the information application systems is improved, losses caused by early leak of the user name and the password are reduced, and signature of the digital certificate guarantees traceability of operation in the information application systems; due to the fact that the unified authentication platform is established, user information resources can be shared in a concentrated mode and are convenient to manage and maintain; on the basis of the OAuth2.0 protocol, an open interface is provided, and therefore new application information systems can have access to the platform more easily; the unified authentication login and single-point login function is provided, operation of the user is facilitated, and working efficiency is improved.

Description

technical field [0001] The present invention is generally applied in the field of public key infrastructure system (PKI), and provides a lightweight, more efficient, safe and fast method for integrating one or more application systems based on digital certificates to realize unified authentication login and single sign-on. Way. Background technique [0002] X509 is an international standard recommended by ITU-T. X.509 defines a widely accepted PKI foundation, including data format and the process of distributing public keys through digital certificates issued by certificate authorities. [0003] X509 digital certificate refers to the data signed by a trusted certificate issuing organization for a specific public key and data information. [0004] As we all know, the development and application of every technology will go through a process, and the same is true for the development of information technology. In the process of computer technology development and application, ...

AI Technical Summary

Problems solved by technology

[0007] 1. The existing single sign-on technology mainly aims to solve the problem that users only need to log in once in multiple application systems to access all mutually trusted application systems, but its limitations are also obvious: that is, most application scenarios are applicable to users The authentication information is the user name and password, which is often not supported for application systems that need to use digital certificates to log in.

[0008] 2. The method based on user name and password has great security problems

In recent years, there have been many incidents of system user name and password information leakage on the Internet, especially the recent Tianya account leakage incident and CSDN account leakage incident, which once again exposed the simplicity and insecurity of this aut

Images