
False certificate detecting method and system for service system for providing identity management by third party

A service system, identity management technology, applied in the field of false credential detection

Active Publication Date: 2019-03-26
DATA ASSURANCE & COMM SECURITY CENT CHINESE ACADEMY OF SCI

AI Technical Summary

Problems solved by technology

[0005] In order to overcome the problem that the identity provider may issue false certificates in the single sign-on system, the present invention provides a false certificate detection method and system for a service system providing identity management by a third party; Mechanism's third-party identity management service trust enhancement scheme for detecting fake credentials


Examples


Embodiment Construction

[0044] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail through the following examples.

[0045] There are four participants in this solution: user, identity provider (IdP), application provider (RP), and log server (Log Server).

[0046] S_IdP(m): indicates the message m signed by the IdP;

[0047] S_Log(m): indicates the message m signed by the Log Server;

[0048] E_u(m): indicates the message m encrypted with the public key of user u;

[0049] B(m,s): indicates the message m blinded using the blinding factor s;

[0050] F(u): indicates the pseudonym generated for user u using the Bloom Filter algorithm.

[0051] In the initialization phase, the IdP generates a public-private key pair for signing and discloses the public key; Log Server generates a public-private key pair for blind signature and discloses the public key; when a user joins the system, the user regist...


Abstract

The invention discloses a fake credential detecting method and system for a service system for providing identity management by a third party. The method comprises the following steps: 1) when the RP receives a login request from a user, initiating an identity authentication request by the RP to the IdP; 2) authenticating the user identity by the IdP, and if the authentication is successful, issuing a user identity Token for the user; 3) sending the Token of the user to the RP by the IdP, and uploading the Token to the Log Server; 4) providing services to the user by the RP according to the Token, wherein the Log Server records all the Tokens received in the public log; and 5) detecting whether there is a fake credential for the user by comparing the Token data in the log with the login status of the user. With this method, the user can discover the fake credentials issued by the IdP by comparing the Token data recorded in the log with the login behavior of the user.
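Step 5 of the abstract, as an added example that is not taken from the patent: a user-side audit that compares the Tokens recorded in the public log with the logins the user actually performed. The record layout, the pseudonym string standing in for F(u), the time tolerance and the sample data are all assumptions, and verification of the IdP and Log Server signatures is left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LogEntry:            # one Token as recorded in the public log (assumed layout)
    token_id: str
    pseudonym: str         # stands in for F(u); its derivation is not modelled here
    rp: str
    issued_at: int         # Unix seconds

@dataclass(frozen=True)
class Login:               # one login the user really performed, kept locally
    rp: str
    at: int

def find_fake_tokens(log, my_pseudonym, my_logins, skew=120):
    """Return this user's log entries that no real login explains.

    Each login accounts for at most one Token, so a second Token issued
    for the same login is reported as well."""
    unused = sorted(my_logins, key=lambda l: l.at)
    mine = sorted((e for e in log if e.pseudonym == my_pseudonym),
                  key=lambda e: e.issued_at)
    suspicious = []
    for entry in mine:
        match = next((l for l in unused
                      if l.rp == entry.rp and abs(l.at - entry.issued_at) <= skew),
                     None)
        if match is None:
            suspicious.append(entry)   # Token issued without a matching login
        else:
            unused.remove(match)       # this login is now accounted for
    return suspicious

# Constructed sample data (not from the patent).
SAMPLE_LOG = [
    LogEntry("t1", "p-alice", "mail.example", 1005),
    LogEntry("t2", "p-alice", "mail.example", 1010),   # second Token, same login
    LogEntry("t4", "p-bob",   "bank.example", 2000),   # another user's Token
    LogEntry("t5", "p-alice", "shop.example", 3002),
    LogEntry("t3", "p-alice", "bank.example", 5000),   # user never logged in here
]
MY_LOGINS = [Login("mail.example", 1000), Login("shop.example", 3000)]

if __name__ == "__main__":
    for e in find_fake_tokens(SAMPLE_LOG, "p-alice", MY_LOGINS):
        print("unexplained Token:", e.token_id, e.rp, e.issued_at)
```
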

Description

Technical field

[0001] The invention belongs to the technical fields of information security and identity authentication, and in particular relates to a false certificate detection method and system for a service system providing identity management provided by a third party.

Background technique

[0002] With the rapid development of computer networks and information technology, people's life, work, study and other aspects are increasingly dependent on information systems. In the process of using the information system, each application system needs to identify the identity of the operator, and assign certain permissions to it according to its different identities. In the traditional identity management system, in order to use different information systems, users need to provide personal information in each information system and keep account login credentials in each information system (such as user name / password, UKey with digital certificate, etc.), which brings a grea...


Application Information

IPC(8): H04L29/06, H04L9/32
CPC: H04L9/3257, H04L63/0807, H04L63/083, H04L63/20
Inventor: 林璟锵, 王琼霄, 孙傲卓, 蔡权伟
Owner: DATA ASSURANCE & COMM SECURITY CENT CHINESE ACADEMY OF SCI