A study on the XML-based single sign-on system supporting mobile and ubiquitous service environments

Abstract

With the integration of mobile and Web applications, the number of services a typical mobile user accesses has grown multi-fold and this forces users to manage multiple user names and passwords daily. The same situation will be extended to ubiquitous service environments. Recently, OMA suggests a new architecture for implementing the Web Services standard for mobile environments, and SAML is recommended for user authentication and authorization on mobile Web Services. SAML is an XML based single sign-on standard, which enables the exchange of authentication, authorization, and profile information between different entities. This provides interoperability between different security services in the distributed environments including mobile and ubiquitous service environments. In this paper, we propose a single sign-on architecture in which a mobile user offers his credential information to the wired service network for obtaining user authentication and accesses to another domain using this authentication, based on the SAML standard. And we verify this architecture by checking the security messages between entities based on a messaging scenario. © Springer-Verlag Berlin Heidelberg 2004.