This paper proposes the design and development of SSO two factor authentication and RBAC authorization in the multiple applications and multidomain environment. The authentication and authorization are based on the X.509 public key certificate and Privilege Management Infrastructure (PMI). In our model, the Security Assertion Markup Language (SAML) is adopted to support the exchange of authentication and authorization information. SAML enables the Single Sign-On (SSO) authentication in the federation environment to be more manageable and scalable. This is required for the distributed computing systems where the strong authentication and dynamic authorization are needed. Finally, we presented our ongoing implementation status and demonstrated that our proposed model serves as another practical solution in implementing the dynamic RBAC policy management in the multiple SSO and PKI domains.
展开▼
