A PKI-based Improvement Scheme of SAML 2.0 SSO Protocol
The rise of cloud computing accelerates the development of network services and helps people get services conveniently over the Internet. However, it also makes the security problems of federated identity authentication and management more serious. In this paper, the authors deduce the implementation process of the SAML 2.0 SSO protocol using S-pi calculus and analyze the protocol's vulnerabilities. Based on the analysis results, they propose a PKI-based improvement scheme for SAML 2.0 SSO and prove the security properties of the scheme using S-pi calculus. The experimental results demonstrate that their scheme can enhance the security of the original SAML 2.0 SSO without significantly reducing the efficiency of the protocol.