| Web Services is a new distributed computing model. It has the characteristics of loosen-coupling, cross-platform and cross-language. It can accelerate integration of different kinds of business and enterprise systems, reduce cost and improve benefit. However, the security problems that Web Services meet in practice have been restricted the development and application of Web Services. Only relying on traditionary secure solution cannot satisfy the security requirements of Web Services. Identity authentication is the first safeguard before users access the application system. Currently, the federated authentication in distributed environment is becoming more and more important. The Security Assertion Markup Language (SAML) is an important standardized criterion of this new authentication method. It is also an XML based Single Sign-On standard, which enables the exchange of authentication, authorization and other information between different entities. In this paper, on the basis of thorough analysis and comparison between the two tranditional SAML_based Sigle Sign-On model, the SSO integration model is given. The security problem of the model is also studied and the corresponding solution is put forward. In the last part of the paper, we demonstrated a simple application of this system. |
PDF Full Text Request