World Wide Web Watch | Han XU's Weblog

[Security]什么叫强认证（strong authentication）？ 原创空间,  软件技术,  电脑与网络 今天看到flyfox站友提问什么是强认证技术，正好在这里解释一下。 所谓“强认证（strong authentication）”，指的是（呵呵当然咯，肯定不是上面提到的这个用户名/密码认证，不然怎么区别出“强”这个字啊）从多个方面进行认证（而不是仅靠一旦泄露或被猜中便完蛋的密码认证）：比如（１）某种形式的用户名／密码（２）某中不可伪造的东西，比如加密Ｕ盘，数字令牌等等（３）能够起到区分个体作用的身体特征，比如虹膜，指纹之类的。 徐涵（Han Xu） 发表于 2006-8-31 0:05:33 | 阅读全文(11104) | 回复(3) | 编辑 | 精华 | 删除

[Security][收藏]揭开SAML的神秘面纱（Demystifying SAML） -- 作者：admin 文章收藏 本文转载自W3CHINA.ORG讨论区(BBS.W3CHINA.ORG)   原文链接 作者：admin 以下为原文： 揭开SAML的神秘面纱（Demystifying SAML） Demystifying SAML by Harold Lockhart 11/09/2005 Abstract As more and more systems are linked through Web services, portals, and integrated applications, the need for a standard that allows security information to be shared and exchanged becomes more and more apparent. Security Assertion Markup Language, or SAML, provides a robust, yet extensible set of data formats to communicate identity and authentication information in a variety of environments. Identity Federation, a key concept driving the need for and the definition of SAML, means using information from multiple, independently administered sources to implement security services such as authorization. Along with Single Sign-on (SSO), SAML is a requirement for modern networked environments. Identity Federation Before computers were routinely connected to networks, security services—like authentication and authoriza 徐涵（Han Xu） 发表于 2005-12-8 23:47:32 | 阅读全文(4910) | 回复(0) | 编辑 | 精华 | 删除

« 1 ›