| Along with the quick development of computer and network applications and a lot network application system and network services become common, the computer user has to login many different kinds of network application system in order to use related service. The more systems the user has to login, the more access errors will occur. Then the security of related system will be decreased. So it becomes one of the problems to consider about how to provide quick and secure authentication and authorization for network applications. However, every user has to login various application systems because in traditional solution, every network system has independent security check system, use its own authentication methods, build an independent list of authorization and maintain each security log. But the disadvantage is apparent in the present application system environment. In order to solve the problems, which introduced by traditional system, we have to make the infrastructure, such as authentication, authorization and accounting independent of application, and make each of them become an independent basic service. The user's identity only needs to authenticate once to access all the authorized system and resources seamlessly and then it can enhance efficiency, reduce the cost of operation and increase the security of whole system. This solution is Single sign-on.Single Sign on (SSO) is a useful technology that allows users to skip bothersome authentication processes during accesses to multiple services. It is particularly useful for services for mobile terminals because of their limited resources and interfaces.In an SSO system, a user actively authenticates him once to a set of services. Subsequently user authentications for any of the services within this service domain are handled automatically by the system. An SSO system can increase user convenience and security. Another advantage is that the authentication authority might use pseudonym or anonymity towards other, maybe less reliable, parties. This authentication provider could also deliver necessary user data to third parties while respecting the privacy of the user. Finally, the SSO system can reduce the cost of administration for the entities offering the services, because there is no need to develop and maintain (forgotten passwords) an own authentication system.The main part of the paper focuses on telecom provisioning in SSO solution, and the main content is about the SSO design and implement in telecom provisioning. Firstly, the requirement of SSO is introduced, after that the requirement of central provisioning manager module is described. Secondly, the background of research is described, such as elaboration of SSO business model and SSO solution. Then there comes the SSO conceptal components description. After that, we discuss the design and implement of the SSO and the important part is Central Provisioning manger module. In addition, we have the discussion of SSO security and privacy. Finally, we make a brief summary, discuss the problems left open, and then prospect the future improvement. |
PDF Full Text Request