The Single Sign On Model Using SAML and OAuth for Online Application of UPNYK
Abstract
Big companies have different systems both in terms of applications as well as the operating system, which requires each user to login to each different applications over and over again. With the SSO, users only need to remember one username and one password, but apply automatically universal across enterprise applications, so in this way it can be easier by using SAML (Security Assertion Markup language) for applications to be integrated without having to create a separate user validation. This SAML technology is an XML-based framework and can guarantee the encryption of all or part of the data and then convey it to the end user. Moreover, it allows easy and secure data exchange between systems. The data exchange will be protected by authorization and authentication through tokens containing statements to pass data between users authorized by SAML. SAML can be supported by OAUTH as bearer protocol to provide extensive security when user access services along side on the SSO network