Single sign-on method, server and client

A single sign-on, server-side technology, applied in the field of communication, can solve problems such as not using national secret algorithms, achieve the effect of improving user experience and protecting data security

Inactive Publication Date: 2017-07-07
AEROSPACE INFORMATION
View PDF16 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 1. Digital certificates are not used to identify user identities
[0005] 2. Bas

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single sign-on method, server and client
  • Single sign-on method, server and client
  • Single sign-on method, server and client

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0050] Example one

[0051] This embodiment provides a processing flow of a single sign-on method such as figure 1 As shown, in this embodiment, the server receives the application request initiated by the client, establishes a two-way connection, and extracts the user identity; according to the user identity, it searches the database for the user list of the single sign-on information that has been bound Whether there is a login application resource requested by the user in it;

[0052] The processing steps are as follows:

[0053] Step 11. Determine that the application resource requested to log in by the user of the client received by the server is in the list of bound single sign-on information recorded in the database;

[0054] Step 12. Using the first secret key, the SM4 algorithm is used to encrypt the user's single sign-on information to form the first ciphertext;

[0055] Specifically, in this embodiment, a random number is used to generate a 32-bit symmetric key as the first...

Example Embodiment

[0063] Example two

[0064] This embodiment provides a processing flow of a single sign-on method such as figure 2 As shown, in this embodiment, the client-side processing steps are as follows:

[0065] Step 21: Receive the application resources and the single sign-on ciphertext sent by the server; specifically, in this embodiment, the application resources and the single sign-on ciphertext sent by the server are received to form the login homepage;

[0066] Step 22: Using the Browser Helper Object (BHO), the control uses the private key of the user certificate to decrypt the single sign-on ciphertext, obtain the single sign-on information, and cache it;

[0067] In this embodiment, the BHO control is used to decrypt the single sign-on ciphertext using the private key of the user certificate, obtain the single sign-on information, and cache it according to the agreed format; click to log in to the homepage application resource;

[0068] Step 23: The BHO control matches the cached sing...

Example Embodiment

[0073] Example three

[0074] This embodiment provides a single sign-on server 30, and its specific implementation structure is as follows image 3 As shown, it can specifically include the following modules:

[0075] Determining module 31: it is used to determine that the application resource requested to log in by the user of the client, received by the server, exists in the list of bound single sign-on information recorded in the database;

[0076] The first ciphertext module 32: it is used to use the first secret key to encrypt the user's single sign-on information using the SM4 algorithm to form the first ciphertext;

[0077] The second ciphertext module 33: it is used to encrypt the first secret key and then use the second secret key to form a second ciphertext;

[0078] The splicing module 34: it is used to splice the first ciphertext and the second ciphertext, and use the SM3 algorithm to process the spliced ​​ciphertext to form a single sign-on ciphertext;

[0079] Sending modu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a single sign-on method, server and client. In the embodiment of the invention, the method comprises the following steps: determining that application resources on which a user of a client requests to sign received by a server side exist in a list of bound single sign-on information recorded in a database; encrypting single sign-on information of the user by a first key through an SM4 algorithm to form a first ciphertext; encrypting the first key with a second key to form a second ciphertext; splicing the first ciphertext and the second ciphertext, and processing a spliced ciphertext through an SM3 algorithm to form a single sign-on ciphertext; and transmitting the application resources requested by the user of the client and the single sign-on ciphertext to the client. Through adoption of the single sign-on method, server and client, data security is protected through a GMB algorithm; the identity of the user is identified by taking a digital certificate as a carrier; uniform authentication is realized; a plurality of independent application systems can be used in single sign-on; and the user experience is improved.

Description

technical field [0001] The invention relates to the technical field of communications, in particular to a single sign-on method, server and client. Background technique [0002] In recent years, with the rapid development of information security technology, the application of cryptographic algorithms has become very common, deeply affecting people's daily work, study and life. Information security technology represented by digital certificates has been used in enterprises, governments, banks, finance, It has been widely used in various fields such as energy. The country's emphasis on the security of cryptographic algorithms has also increased unprecedentedly. The State Cryptography Administration has promulgated a series of national standards for commercial cryptographic algorithms such as SM2, SM3, and SM4, establishing my country's own standards for cryptographic algorithms and standardizing national cryptographic algorithms. The use of the system guarantees the right to s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/0815
Inventor 赵永宽宁红宙华刚
Owner AEROSPACE INFORMATION
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products