Abstract: To enhance the security of user domain in single sign-on system, the hrusted Platform Modul}(TPM) was introduced to ensure the terminal trustworthiness. Meanwhile a user authentication scheme combined with password, fingerprint and smartcard was adopted, which achieves the mutual identification among user, user terminal and smartcard,and ensures the usage security of the information provided by application service. The security and performance analysis shows that the user authentication can identify the owner of user terminal from the genuine operators without any prcnegotiation, computation with Hash function in user authentication and push validation attestation on user platform integrity are of high efficiency.

Key words: Trusted computing, Single sign-on, Smart card, Identity authentication, Model