基于联盟身份认证和CALIS联合认证的图书馆资源访问方案

doi:10.3969/j.issn.1000-436x.2013.Z2.014

Journal on Communications ›› 2013, Vol. 34 ›› Issue (Z2): 69-73.doi: 10.3969/j.issn.1000-436x.2013.Z2.014

• Network and Information Security • Previous Articles Next Articles

Library resource sharing solution based on federated authentication and CALIS unified authentication

Jie LV^1,²,Ping CHEN^1,²,Wen-qing WANG³,Yang ZHANG^1,²,Bei ZHANG^1,²

¹ Computer Center,Peking University,Beijing 100871,China
² Key Laboratory of Network and Software Security Assurance Ministry of Education,Peking University,Beijing 100871,China
³ Management Center of China Academic Library and Information System (CALIS),Beijing 100871,China

Online:2013-12-25 Published:2017-06-16
Supported by:
2011 National Information Security Special Project “A Digital Resource Security Protection Service Based on Reliable Identity Federation and Cloud Computing” Progect Funded by National Development and Reform Commission

Abstract

Abstract:

To address the problem of enforcing access control for library digital resources,federated authentication technologies were analyze which are widely used in the world,and CALIS unified authentication technologies that are widely deployed in China’s libraries were also analyzed.A solution integrating federated authentication and CALIS unified authentication technologies was proposed,which was developed,deployed and tested on the test-bed of CARSI federation.Test results show the proposed solution enforces effective and flexible access control for library resources.

Key words: federated authentication, access control, CALIS unified authentication

Jie LV,Ping CHEN,Wen-qing WANG,Yang ZHANG,Bei ZHANG. Library resource sharing solution based on federated authentication and CALIS unified authentication[J]. Journal on Communications, 2013, 34(Z2): 69-73.

Figures/Tables 4

References 10

[1]	RAGOUZIS N , HUGHES J , PHILPOTT R ,et al. Security assertion markup language(SAML) V2.0 technical overview[EB/OL]. . 2008.
[2]	TAKAAKI K , HIROAKI S , NORITOSHI D ,et al. Design and implementation of web forward proxy with shibboleth authentication[A]. 2011 IEEE/IPSJ 11th International Symposium on Applications and the Internet (SAINT)[C]. Munich,Germany, 2011. 321-326.
[3]	EZProxy authentication and access software[EB/OL]..
[4]	RIEGER S . Using federated identities to access IP-protected web resources in multi-customer environments[A]. 2010 Fifth International Conference on Internet and Web Applications and Services (ICIW)[C]. Ohio,USA, 2010. 478-483.
[5]	HARDING P , JOHANSSON L , KLINGENSTEIN N . Dynamic security assertion markup language:simplifying single sign-on[J]. IEEE Security ＆ Privacy, 2008,6(2): 83-85.
[6]	KOMURA T , NAGAI Y , HASHIMOTO S ,et al. Proposal of delegation using electronic certificates on single sign-on system with SAML-protocol[A]. 2009 Ninth Annual International Symposium on Applications and the Internet (SAINT)[C]. Seattle,USA, 2009. 235-238.
[7]	SATO H , NISHIMURA T . Federated authentication in a hierarchy of IdPs by using shibboleth[A]. 2011 IEEE/IPSJ 11th International Symposium on Applications and the Internet(SAINT)[C]. Munich,Germany, 2011. 327-332.
[8]	YAMAJI K , KATAOKA T , NAKAMURA M ,et al. Attribute aggregating system for shibboleth based access management federation[A]. 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT)[C]. Seoul,Korea, 2010. 281-284.
[9]	RIEGER S . User-centric identity management in heterogeneous federations[A]. 2009 Fourth International Conference on Internet and Web Applications and Services(ICIW)[C]. Cape Town,South Africa, 2009. 527-532.
[10]	Internet2 middleware architecture committee for education directory working group,eduPerson specification[EB/OL]..2013.

Metrics

Recommended 0

No Suggested Reading articles found!

[1]	Wei JIN, Fenghua LI, Mingjie YU, Yunchuan GUO, Ziyan ZHOU, Liang FANG. HDFS-oriented cryptographic key resource control mechanism [J]. Journal on Communications, 2022, 43(9): 27-41.
[2]	Jiangtao DONG, Peiwen YAN, Ruizhong DU. Verifiable access control scheme based on unpaired CP-ABE in fog computing [J]. Journal on Communications, 2021, 42(8): 139-150.
[3]	Changgen PENG, Zongfeng PENG, Hongfa DING, Youliang TIAN, Rongfei LIU. Attribute-based revocable collaborative access control scheme [J]. Journal on Communications, 2021, 42(5): 75-86.
[4]	Zuobin YING, Yuanping SI, Jianfeng MA, Ximeng LIU. Blockchain-based distributed EHR fine-grained traceability scheme [J]. Journal on Communications, 2021, 42(5): 205-215.
[5]	Ruizhong DU, Peiwen YAN, Yan LIU. Fine-grained attribute update and outsourcing computing access control scheme in fog computing [J]. Journal on Communications, 2021, 42(3): 160-170.
[6]	Jiawei ZHANG, Jianfeng MA, Zhuo MA, Teng LI. Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing [J]. Journal on Communications, 2021, 42(10): 81-94.
[7]	Tianyi ZHU,Fenghua LI,Wei JIN,Yunchuan GUO,Liang FANG,Lin CHENG. Cross-domain access control policy mapping mechanism for balancing interoperability and autonomy [J]. Journal on Communications, 2020, 41(9): 29-48.
[8]	Qinglei ZHOU,Shaohuan BAN,Yingjie HAN,Feng FENG. Mimic defense authentication method for physical access control [J]. Journal on Communications, 2020, 41(6): 80-87.
[9]	Chunfu JIA,Guanxiong HA,Ruiqi LI. Data access control policy of encrypted deduplication system [J]. Journal on Communications, 2020, 41(5): 72-83.
[10]	Yonggui FU,Jianming ZHU. Design for database access control mechanism based on blockchain [J]. Journal on Communications, 2020, 41(5): 130-140.
[11]	Zheng GUAN,Lei XIONG,Yao JIA,Min HE,Zhijun YANG. Research on scheduled WLAN MAC protocol with failure retries on RoF-DAS architecture [J]. Journal on Communications, 2020, 41(3): 102-111.
[12]	Rongna XIE,Hui LI,Guozhen SHI,Yunchuan GUO. Attribute-based lightweight reconfigurable access control policy [J]. Journal on Communications, 2020, 41(2): 112-122.
[13]	Aodi LIU, Xuehui DU, Na WANG, Rui QIAO. ABAC access control policy generation technique based on deep learning [J]. Journal on Communications, 2020, 41(12): 8-20.
[14]	Rongna XIE, Hui LI, Guozhen SHI, Yunchuan GUO, Ming ZHANG, Xiuze DONG. Blockchain-based access control mechanism for data traceability [J]. Journal on Communications, 2020, 41(12): 82-93.
[15]	Hongfa DING,Changgen PENG,Youliang TIAN,Shuwen XIANG. Privacy risk adaptive access control model via evolutionary game [J]. Journal on Communications, 2019, 40(12): 9-20.

Library resource sharing solution based on federated authentication and CALIS unified authentication

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 4

References 10

Related Articles 15

Metrics

Recommended 0