[Security]什么叫强认证(strong authentication)?

今天看到flyfox站友提问什么是强认证技术,正好在这里解释一下。 所谓“强认证(strong authentication)”,指的是(呵呵当然咯,肯定不是上面提到的这个用户名/密码认证,不然怎么区别出“强”这个字啊)从多个方面进行认证(而不是仅靠一旦泄露或被猜中便完蛋的密码认证):比如(1)某种形式的用户名/密码(2)某中不可伪造的东西,比如加密U盘,数字令牌等等(3)能够起到区分个体作用的身体特征,比如虹膜,指纹之类的。



阅读全文(10876) | 回复(3) | 编辑 | 精华 | 删除


[Security][收藏]揭开SAML的神秘面纱(Demystifying SAML) -- 作者:admin

本文转载自W3CHINA.ORG讨论区(BBS.W3CHINA.ORG)   原文链接
作者:admin
以下为原文:

揭开SAML的神秘面纱(Demystifying SAML)

Demystifying SAML
by Harold Lockhart
11/09/2005 Abstract
As more and more systems are linked through Web services, portals, and integrated applications, the need for a standard that allows security information to be shared and exchanged becomes more and more apparent. Security Assertion Markup Language, or SAML, provides a robust, yet extensible set of data formats to communicate identity and authentication information in a variety of environments. Identity Federation, a key concept driving the need for and the definition of SAML, means using information from multiple, independently administered sources to implement security services such as authorization. Along with Single Sign-on (SSO), SAML is a requirement for modern networked environments. Identity Federation
Before computers were routinely connected to networks, security services—like authentication and authoriza



阅读全文(4832) | 回复(0) | 编辑 | 精华 | 删除


« 1

日历 | CALENDAR

«November 2018»
123
45678910
11121314151617
18192021222324
252627282930
blog名称:World Wide Web Watch
日志总数:193
评论数量:663
留言数量:75
访问次数:5555795
建立时间:2004年10月30日
站点首页 | 联系我们 | 博客注册 | 博客登陆

Sponsored By W3CHINA
W3CHINA Blog 0.8 Processed in 0.031 second(s), page refreshed 144159130 times.
《全国人大常委会关于维护互联网安全的决定》  《计算机信息网络国际联网安全保护管理办法》
苏ICP备05006046号