[Abstract]: When a user requests a service from a server (SA), SA will authenticate the user based on some stored authentication information. If the information is stored on another server or network which is not accessible to SA or not in a compatible form of that required by SA, the identity of the user cannot be established. Without a global authentication service, authentication of users from another autonomous network is a major security issue in service sharing.ududIn this paper, we extended Network Service Sharing Infrastructure (NSSI) by which many networks are linked together for service sharing. Within NSSI, individual networks authenticate and grant authorizations independent of each other by using their own authentication information repository (AIR). NSSI enables authentication and authorization results to be relayed to other linked networks to access a shared services while individual networks still maintain their own authentication scheme or authentication requirements. NSSI facilitates dynamic aggregation of networks for service sharing with minimum administrative overhead.
展开▼
机译:[摘要]:当用户从服务器(SA)请求服务时,SA将基于一些存储的身份验证信息对用户进行身份验证。如果信息存储在SA无法访问或不能以SA要求的兼容形式存储在另一台服务器或网络上,则无法建立用户身份。没有全局身份验证服务,来自另一个自治网络的用户身份验证是服务共享中的主要安全问题。 ud ud在本文中,我们扩展了网络服务共享基础结构(NSSI),该网络将许多网络链接在一起以进行服务共享。在NSSI内,各个网络通过使用自己的身份验证信息存储库(AIR)来相互独立地进行身份验证和授予授权。 NSSI使身份验证和授权结果可以中继到其他链接的网络,以访问共享服务,而各个网络仍保持自己的身份验证方案或身份验证要求。 NSSI促进了网络的动态聚合,以最小的管理开销进行服务共享。
展开▼
