應用於行動裝置之單一簽入系統設計

Ching-Ting Liu; 劉晉廷

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/16062

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	郭斯彥(Sy-Yen Kuo)
dc.contributor.author	Ching-Ting Liu	en
dc.contributor.author	劉晉廷	zh_TW
dc.date.accessioned	2021-06-07T17:59:41Z	-
dc.date.copyright	2012-08-28
dc.date.issued	2012
dc.date.submitted	2012-08-08
dc.identifier.citation	[1] The oauth 1.0 protocol. [2] Oauth 2.0,http://oauth.net/2/. [3] Microsoft passport review guide[eb/ol],http://www.microsoft. com/net/services/passport/review-guide.asp, 2003. [4] G. Brail. A short history of api authentication. 2011. [5] Y. Demchenko. Security languages for access control and authorisation: SAML and XACML languages overview. Technical report. [6] Z. Fu, J.Wang, L. Yang, and Y. Cao. Application independent identity management. In Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on, pages 625 –628, dec. 2010. [7] R. He, M. Yuan, J. Hu, H. Zhang, Z. Kan, and J. Ma. A novel service-oriented aaa architecture. In Personal, Indoor and Mobile Radio Communications, 2003. PIMRC 2003. 14th IEEE Proceedings on, volume 3, pages 2833 – 2837 vol.3, sept. 2003. [8] D. Nobayashi, Y. Nakamura, T. Ikenaga, and Y. Hori. Development of single signon system with hardware token and key management server. In Proceedings of the Second Nnternational Conference on Systems and Networks Communications, ICSNC ’07, pages 73–, Washington, DC, USA, 2007. IEEE Computer Society. [9] N. Oza, K. Karppinen, and R. Savola. User experience and security in the cloud –an empirical study in the finnish cloud consortium. In Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on, pages 621 –628, 30 2010-dec. 3 2010. [10] T. Parker. Single sign-on systems-the technologies and the products. In Security and Detection, 1995., European Convention on, pages 151 –155, may 1995. [11] A. Pashalidis and C. Mitchell. Impostor: a single sign-on system for use from untrusted devices. In Global Telecommunications Conference, 2004. GLOBECOM ’04. IEEE, volume 4, pages 2191 – 2195 Vol.4, nov.-3 dec. 2004. [12] A. Pashalidis and C. J. Mitchell. A taxonomy of single sign-on systems. In Proceedings of the 8th Australasian conference on Information security and privacy, ACISP’03, pages 249–264, Berlin, Heidelberg, 2003. Springer-Verlag. [13] D. Recordon and D. Hardt. The OAuth 2.0 Authorization Protocol”. draft-ietf-oauthv2-22. Technical report, IETF, Sept. 2011. [14] A. Revar and M. Bhavsar. Securing user authentication using single sign-on in cloud computing. In Engineering (NUiCONE), 2011 Nirma University International Conference on, pages 1 –4, dec. 2011. [15] E. Saravanakumar and A. Mohan. Single password, multiple accounts. In Computing, Communication and Networking, 2008. ICCCn 2008. International Conference on, pages 1 –7, dec. 2008. [16] P. Tiwari and S. Joshi. Single sign-on with one time password. In Internet, 2009. AH-ICI 2009. First Asian Himalayas International Conference on, pages 1 –4, nov. 2009. [17] V. Toubiana, V. Verdot, G. Burnside, and E. Joubert. R2m: A reputation model for mashups. In Consumer Communications and Networking Conference (CCNC), 2010 7th IEEE, pages 1 –6, jan. 2010. [18] T. von Hoff and M. Crevatin. Http digest authentication in embedded automation systems. In Emerging Technologies and Factory Automation, 2003. Proceedings. ETFA ’03. IEEE Conference, volume 1, pages 390 – 397 vol.1, sept. 2003. [19] I. Vuksanovic and B. Sudarevic. Use of web application frameworks in the development of small applications. In MIPRO, 2011 Proceedings of the 34th International Convention, pages 458 –462, may 2011.30
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/16062	-
dc.description.abstract	本論文提出一種適用於智慧型行動裝置的第三方軟體單一簽入機制，來解決目前智慧型裝置上跨軟體使用同一個OAuth 認證服務時，需要個別輸入登入資訊的缺點。本文透過一種登入代理器的架構來實現單一簽入，本機制設計的情境中，使用者僅需登入一次，即可在跨軟體間自動進行OAuth 2.0 帳號認證與資源存取授權。並且透過 OAuth 2.0標準延伸介面，使程式實現自動化登入功能。論文中我們利用這個機制，實作一個適合年長者使用的社群服務，透過登入代理的機制，解決目前行動裝置OAuth 2.0需重複登入帳號密碼的缺點。	zh_TW
dc.description.abstract	In order to resolve the problems of the repeated login form various kinds of smart phone applications which using the same OpenID account, a mobile agent for single sign-on (SSO) on smart device schemes is proposed. Under SSO, users need to login only one time by their authentication credentials( usually a username/password pair) in order to log into the OpenID account they subsequently use. This paper presents the design of an S-OAuth system that is based on a mobile agent, and that is suitable for use form an smart devices. Unlike existing OAuth-based schemes, which require users login on web page every time between different applications, the one presented here does not. An implementation of the scheme, called ‘S-OAuth’, is also described. The prototype is implemented as an mobile agent and OAuth 2.0 identity provider, resulting in a system that works with android smart devices and OAuth-based services.	en
dc.description.provenance	Made available in DSpace on 2021-06-07T17:59:41Z (GMT). No. of bitstreams: 1 ntu-101-R99943144-1.pdf: 1682644 bytes, checksum: 2fe9c69bdcb305a2084c78d9e980bce3 (MD5) Previous issue date: 2012	en
dc.description.tableofcontents	致謝. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .i 中文摘要. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .ii Abstract. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .iii 1 Introduction 1 1.1 Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Contribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2 Related Works 5 2.1 Multiple Authentication and Authorization Methods . . . . . . . . . . . . 5 2.1.1 HTTP Basic authentication . . . . . . . . . . . . . . . . . . . . . 5 2.1.2 HTTP Digest authentication . . . . . . . . . . . . . . . . . . . . 5 2.1.3 OAuth 2.0 protocol . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 Single Sign-on technologies . . . . . . . . . . . . . . . . . . . . . . . . 7 2.2.1 Impostor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.3 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3 Scheme 12 3.1 Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.2 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 3.3 Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4 Implementation 16 4.1 OAuth 2.0 Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 4.1.1 Identity provider . . . . . . . . . . . . . . . . . . . . . . . . . . 17 4.1.2 Software development kit for service provider . . . . . . . . . . . 19 4.2 S-OAuth Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 4.2.1 Software development kit for applications . . . . . . . . . . . . . 20 5 Experimental Results 23 5.1 Register an device account on website . . . . . . . . . . . . . . . . . . . 24 5.2 Login device account on android S-OAuth agent . . . . . . . . . . . . . . 25 5.3 Third party company access private resource . . . . . . . . . . . . . . . . 26 6 Conclusions and Future Works 27 Bibliography 28
dc.language.iso	en
dc.subject	單一簽入	zh_TW
dc.subject	OAuth 2.0	zh_TW
dc.subject	智慧型手機	zh_TW
dc.subject	Single Sign-on	en
dc.subject	Mobile Applications	en
dc.subject	OAuth 2.0	en
dc.title	應用於行動裝置之單一簽入系統設計	zh_TW
dc.title	An OAuth-based Single Sign-On System for Mobile Applications	en
dc.type	Thesis
dc.date.schoolyear	100-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	雷欽隆(Chin-Lung Lei),顏嗣鈞(Ssu-Chun Yen),陳俊良(Chun-Liang Chen),陳英一(Ying-Yi Chen)
dc.subject.keyword	智慧型手機,單一簽入,OAuth 2.0,	zh_TW
dc.subject.keyword	OAuth 2.0,Single Sign-on,Mobile Applications,	en
dc.relation.page	30
dc.rights.note	未授權
dc.date.accepted	2012-08-08
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	電子工程學研究所	zh_TW
顯示於系所單位：	電子工程學研究所

文件中的檔案：

檔案	大小	格式
ntu-101-1.pdf 未授權公開取用	1.64 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。