Single sign-on method, server and client

A server-side single sign-on technology, applied in the field of communications, that addresses problems such as national cryptographic algorithms not being used, and achieves the effect of improving user experience and protecting data security.

Inactive Publication Date: 2017-07-07
AEROSPACE INFORMATION

AI Technical Summary

Problems solved by technology

[0004] 1. Digital certificates are not used to identify user identities
[0005] 2. Essentially no national cryptographic algorithm is used in the data security protection measures


Examples


Embodiment 1

[0051] This embodiment provides a processing flow of a single sign-on method, as shown in Figure 1. In this embodiment, the server side receives the application request initiated by the client, establishes a two-way connection, and extracts the user identity; according to the user identity, it searches the list of bound single sign-on information recorded in the database to see whether the application resource the user requests to log in to is present;

[0052] The processing steps are as follows:

[0053] Step 11, determining that the application resource requested by the user of the client terminal received by the server exists in the list of bound single sign-on information recorded in the database;

[0054] Step 12, encrypting the user's single sign-on information with the SM4 algorithm under the first secret key to form a first ciphertext;

[0055] Specifically, in this embodiment, random numbers are used to generate a symmetric key with a length of 32 bits as the fir...

Embodiment 2

[0064] This embodiment provides a processing flow of a single sign-on method, as shown in Figure 2. In this embodiment, the client processing steps are as follows:

[0065] Step 21. Receive the application resource and SSO ciphertext sent by the server; specifically, in this embodiment, receive the application resource and SSO ciphertext sent by the server to form a login home page;

[0066] Step 22. Using the Browser Helper Object (BHO) control, decrypt the SSO ciphertext with the private key of the user certificate, obtain the SSO information, and cache it;

[0067] In this embodiment, the BHO control uses the private key of the user certificate to decrypt the SSO ciphertext, obtains the SSO information, and caches it in the agreed format; the user then clicks to log in to an application resource on the home page;

[0068] Step 23, the BHO control matches the cached single sign-on information with a Uniform Resource Locator URL (Uniform...

Embodiment 3

[0074] This embodiment provides a single sign-on server 30, whose specific implementation structure is shown in Figure 3. It can specifically include the following modules:

[0075] Determination module 31: it is used to determine that the application resource requested by the user of the client terminal received by the server exists in the list of bound single sign-on information recorded in the database;

[0076] The first ciphertext module 32: it is used to use the first secret key to encrypt the user's single sign-on information with the SM4 algorithm to form the first ciphertext;

[0077] The second ciphertext module 33: it is used to encrypt the first secret key with a second secret key to form a second ciphertext;

[0078] Splicing module 34: it is used for splicing the first ciphertext and the second ciphertext, using the SM3 algorithm to process the concatenated ciphertext to form a single sign-on ciphertext;

[0079] Sending module 35: used for sending...


Abstract

The embodiment of the invention provides a single sign-on method, server and client. In the embodiment of the invention, the method comprises the following steps: determining that the application resource that a user of a client requests to log in to, as received by the server side, exists in a list of bound single sign-on information recorded in a database; encrypting the single sign-on information of the user with a first key through the SM4 algorithm to form a first ciphertext; encrypting the first key with a second key to form a second ciphertext; splicing the first ciphertext and the second ciphertext, and processing the spliced ciphertext through the SM3 algorithm to form a single sign-on ciphertext; and transmitting the application resource requested by the user of the client and the single sign-on ciphertext to the client. Through adoption of the single sign-on method, server and client, data security is protected through a GMB algorithm; the identity of the user is identified by taking a digital certificate as a carrier; uniform authentication is realized; a plurality of independent application systems can be used with a single sign-on; and the user experience is improved.

Description

Technical field

[0001] The invention relates to the technical field of communications, in particular to a single sign-on method, server and client.

Background technique

[0002] In recent years, with the rapid development of information security technology, the application of cryptographic algorithms has become very common, deeply affecting people's daily work, study and life. Information security technology represented by digital certificates has been widely used in enterprises, governments, banks, finance, energy and other fields. The country's emphasis on the security of cryptographic algorithms has also increased unprecedentedly. The State Cryptography Administration has promulgated a series of national standards for commercial cryptographic algorithms such as SM2, SM3, and SM4, establishing China's own standards for cryptographic algorithms and standardizing national cryptographic algorithms. The use of the system guarantees the right to s...


Application Information

IPC(8): H04L29/06
CPC: H04L63/0815
Inventor: 赵永宽, 宁红宙, 华刚
Owner: AEROSPACE INFORMATION