Sistem enkratne prijave Shibboleth
diplomsko delo
Abstract
Cilj protokola Shibboleth je predvsem razbremenitev večkratne avtentikacije uporabnikov znotraj na primer večjih javnih ali zasebnih ustanov, kot so univerze, podjetja, ki imajo razne aplikacije ali storitve, ki potrebujejo avtentikacijo. Protokol Shibboleth deluje na principu enkratne prijave, kar pomeni, da bi uporabnik potreboval le eno uporabniško ime in geslo za prijavo v vse aplikacije znotraj neke ustanove. V delu bomo najprej opisali koncepte protokola Shibboleth in njegove povezave z drugimi mehanizmi predvsem z mehanizmom enkratne prijave (SSO). Poudarek bomo dali na SAML (Security Assertion Markup Language), tj. protokol, na katerem se Shibboleth bazira in sklicuje. Opisali bomo delovanje IDP (ponudnik identitete) in SP (ponudnik storitev) ter potek prijave med njimi.
V drugem delu diplomskega dela bomo opisali potek postavitve in konfiguracijo prototipa protokola Shibboleth v lokalnem omrežju, temelječega na operacijskem sistemu Windows.
Keywords
Shibboleth protokol;enkratna prijava;SAML;ponudnik storitev;ponudnik identitet;računalništvo;visokošolski strokovni študij;računalništvo in informatika;diplomske naloge;
Data
| Language: | Slovenian |
|---|---|
| Year of publishing: | 2015 |
| Typology: | 2.11 - Undergraduate Thesis |
| Organization: | UL FRI - Faculty of Computer and Information Science |
| Publisher: | [K. Železnik] |
| UDC: | 004.7.057.4(043.2) |
| COBISS: |
1536273603
|
| Views: | 1605 |
| Downloads: | 261 |
| Average score: | 0 (0 votes) |
| Metadata: |
|
Other data
| Secondary language: | English |
|---|---|
| Secondary title: | Single-sign in system Shibboleth |
| Secondary abstract: | The aim of Shibboleth protocol is mainly to relieve users within, for example, large public or private institutions such as universities, companies that have a variety of different applications or services that require authentication. Shibboleth protocol operates on the principle of single sign-on, which means that the user needs only one username and password to log in to all applications within an institution. In the first part, we will describe the research and concepts of the Shibboleth protocol and its links with other mechanisms, in particular with the mechanism single sign-on. The emphasis will be placed on SAML (Security Assertion Markup Language) protocol which Shibboleth is based on and referred to. We will also describe the operation of the IDP (identity provide), SP (service provider) and the steps that take part between them in the registration process. In the second part of the thesis, we will describe the course of implementation and configuration of the prototype Shibboleth protocol on a local network based on Windows systems. |
| Secondary keywords: | Shibboleth protocol;single sign-in;SAML;service provider;identity provider;computer science;computer and information science;diploma; |
| File type: | application/pdf |
| Type (COBISS): | Bachelor thesis/paper |
| Thesis comment: | Univ. v Ljubljani, Fak. za računalništvo in informatiko |
| Pages: | 57 str. |
| ID: | 8752142 |
Recommended works:
Sistem enkratne prijave Shibboleth
2015,
diplomsko delo
Sinhronizacija heterogenih podatkovnih sistemov
2015,
diplomsko delo