Based On The Saml Single Sign-on Technology Application In Telecom Added Value Service

In recent years, China’s telecom value-added service has developed rapidly, but thevarious value-added systems, lack of overall planning and resources information sharing,one of the most prominent problem is the user identity information is hard to be sharedbetween each subsystems. In this paper the present telecom value-added service systemcharacteristic and development trend undertook an analysis, put forward to solve theabove problems the method based on a technical specification called SAML, suitable forthe model and mechanism of telecom value-added service subsystem called enhancedsingle sign-on (Single Sign On, SSO).The simulation experiments show that, the model tosolve the user identity information sharing problems, achieves the expected effect.SSO is that user only needs to login one of a business system can be accessible to thesame identity login to other related business systems. Security Assertion Markuplanguage as one kind based on the XML specification, its role in the different applicationor service system is providing legitimate certification information that has been validated.System to achieve the core SAML single sign-on system is certified server-side; it isresponsible for verifying the legitimacy of the applicant and according to the identity ofthe applicant to create different security SAML token. The process of the implementationof the authentication server:Authentication and authorization control of telecom value-added services withspecific value-added business processing logic independent of the existence of the trustrelationship between the value-added services subsystem through the foregoing analysis,it is not difficult to find. This dissertation is the SSO with SAML technology, aims topropose an enhanced user identity information-sharing mechanism with the model, themodel in the simulation experiment to achieve the expected results.This dissertation is a relatively simple model to achieve cross-domain issues, whileenhancing the integrity of shared identity information delivery model does not have thetraditional single sign confidentiality and non-repudiation.This model is applied to a building intelligent system。...