Research on Unified Authentication Model based on the Kerberos and SAML

The Kerberos protocol is a unified authentication scheme for distributed network environments. It focuses on validation functions and does not provide complete authorization and access control functions. Security Assertion Markup Language (SAML) is an XML-based framework used to exchange authentication and authorization assertions about a subject. However, it does not include a security protocol for the exchange of information between entities. In this paper, a unified authentication model is proposed that improves and simplifies the Kerberos protocol, separates the functions of authentication and authorization, and introduces SAML assertions into the model, to ensure that the service provider can carry out distributed information authorization according to SAML assertions.