Security architecture for IP-based multi-service networks

The telecommunications industry's transition to Internet Protocol (IP)-based networks is exciting and cost effective, but it also introduces new challenges for service providers, particularly as they begin to integrate Web services with communication services. Security is one key area that poses a significant challenge for service providers while at the same time providing opportunities for vendors. Because these new networks will have a number of service enablers and enriched services will be offered, application and user identity security becomes a chief concern. This paper focuses on IP-based services security architecture for evolving wireless and public domain networks, especially where Web services are brought into play. A Security Assertion Markup Language (SAML) is a basis for the security architecture, which incorporates federated architecture, authentication, encryption, and digital rights management. The paper also details a blended service scenario, highlighting enforcement of security at different entry points in the network.