A Centralized Identity Authentication in the Cloud Service of Public Culture Digital Resources
Gu Jiawei1, Wang Shengqing2, Zhao Danqun1, Chen Wenguang1
1. Department of Information Management, Peking University, Beijing 100871, China;
2. Modern Education Technology Center, Peking University, Beijing 100871, China
[Objective] A centralized identity authentication model is raised to solve user identity management problem. [Context] In the National Public Culture Digital Platform, the identity authenticcation needs to consider the characters of the topological structure of the platform and the autonomous of the users from member libraries. [Methods] This model uses an implicit or explicit global identity and mapping relations of automomous identity in order to unify the autonomous identity of the member libraries. [Results] By this model, users don't need to remember multiple identities, member libraries can share users information and realize user-centered. New member libraries can join easily. [Conclusions] This model has certain feasibility, but it still has some problems such as the efficiency, identity disambiguation and security. It should be test and adjust when being implemented.
顾嘉伟, 王胜清, 赵丹群, 陈文广. 公共文化数字资源云服务的一种中心化身份认证模式[J]. 现代图书情报技术, 2015, 31(2): 64-71.
Gu Jiawei, Wang Shengqing, Zhao Danqun, Chen Wenguang. A Centralized Identity Authentication in the Cloud Service of Public Culture Digital Resources. New Technology of Library and Information Service, 2015, 31(2): 64-71.
[1] 国家公共文化数字支撑平台2013 年度建设方案(草案)[R]. 北京: 文化部全国公共文化发展中心. 2012.
[2] Radha V, Reddy D H. A Survey on Single Sign-on Techniques[J]. Procedia Technology, 2012, 4:134-139.
[3] 房晶. 云计算的虚拟化安全和单点登录研究[D]. 北京: 北 京交通大学, 2012. (Fang Jing. Virtualization Security and Single Sign-on Research of Cloud Computing [D]. Beijing: Beijing Jiaotong University, 2012.)
[4] What is Credential Manager? [EB/OL]. [2014-06-08]. http://windows.microsoft.com/en-US/Windows7/What-is-Credentia l-Manager.
[5] eTrustTM Single Sign-on [EB/OL]. [2014-06-08]. https://supportcontent.ca.com/cadocs/0/g006742e.pdf.
[6] OASIS: Security Assertion Markup Language (SAML) V2.0 Technical Overview [EB/OL]. [2014-06-08]. http://docs.oasisopen. org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.pdf.
[7] Cantor S, Kemp J, Philpott R, et al. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 [R]. OASIS SSTC, 2005.
[8] SAML Single Sign-On Service for Google Apps [EB/OL].[2014-06-08]. https://developers.google.com/google-apps/sso/saml_reference_implementation?hl=zh-cn.
[9] OpenID Authentication 2.0 -Final [EB/OL]. [2014-06-08]. http://openid.net/specs/openid-authentication-2_0.html.
[10] Recordon D, Reed D. OpenID 2.0: A Platform for Usercentricidentity Management [C]. In: Proceedings of the 2nd ACM Workshop on Digital Identity Management, Alexandria, Virginia, USA. ACM, 2006: 11-16.
[11] What are Information Cards? [EB/OL]. [2014-06-08]. http://informationcard.net/quick-overview.
[12] Oppliger R. Microsoft.NET Passport and Identity Management[J]. Information Security Technical Report, 2004, 9(1): 26-34.
[13] McKiernan P. Addressing Online Identity: Understanding the Microsoft Passport Service [J]. Information Security Technical Report, 2002, 7(3): 65-80.
[14] 陈茂隆. 云计算平台下用户身份管理系统的设计与开发[D]. 天津: 天津大学, 2012. (Chen Maolong. Design and Implementation of User Identity Management System in Cloud Computing Center [D]. Tianjin: Tianjin University, 2012.)
[15] Social Login [EB/OL]. [2014-06-08]. http://janrain.com/product/social-login/.
[16] Clickpass Acquired by Janrain [EB/OL]. [2014-06-08]. http://janrain.com/clickpass-acquired-janrain/.
[17] 李安琪. 面向大型机构的身份管理与访问控制研究[D]. 长 沙: 国防科学技术大学, 2012. (Li Anqi. Research on Identity Management and Access Control for Large Organizations [D]. Changsha: National University of Defense Technology, 2012.)
[18] Shibboleth [EB/OL]. [2014-10-27]. http://www.internet2.edu/products-services/trust-identity-middleware/shibboleth/.