Federated authentication system is central to Distributed Digital Library, and it's vital for high service quality. And role sharing among authentication centers is indispensable for a Federation Authentication System, but related research is deficient. Introduce two delegation models for federated authentication system, and based on this tow models, a method of role delegating is proposed. While achieving the purpose of sharing roles among multiple authentication centers, the improper usage of role issue on delegation is carefully considered. Our models and method are implemented in federated authentication system of China Academic Digital Library & Information System, and supply stable authentication and authority service for kinds of application systems.
展开▼