Introduction:
Canada's largest telecommunications company, offers integrated information and communications technology services to businesses and governments, and consumers with solutions to all their communications needs, including telephone services, wireless communications, high-speed Internet, digital television and voice over IP.

Business Objective:
The telecoms provider wanted to build on the success of its business customer web portal, by launching complementary new Web Services to enable customers and partners integrate their back office systems directly into its own. This Web Service-based platform would not only automate and improve the efficiency of order processing, by removing the need for re-keying information into HTML forms, but also reduce integration costs and potentially provide new revenue streams.

Business Challenge:
As a result of market deregulation this telecoms provider was facing increased competitive challenges from rival operators entitled to access customer account information to facilitate number and account portability. Consequently, the company had to simultaneously improve the customer centric focus of its business by increasing business efficiencies and accelerating the roll out of new services [order processing, bill presentment and CRM access for reselling agents], whilst opening up its customer sensitive information to direct market competitors.

Technical Challenge:
The company had to manage the flow of both Web browser and Web Services traffic through its portal using a single policy store of user identity information. Furthermore, they had to implement a security infrastructure to protect the XML environment and implement strict controls for compliance with regulatory privacy commitments for data sent over Web Services channels

Benefits/Results:

Re-use existing security infrastructure obtaining return on assets - avoid the cost and extra management complexity of new "silos" of users and policies. The solution allows users management and policy management to be common across both Web browser traffic and XML traffic.

Comply with deregulated telecoms market mandates pertaining to account portability regulatory guidelines for auditing and non-repudiation - the use of strong authentication and authorization, as well as keeping an audit trail of all transactions, satisfies regulatory requirements for Integrity, confidentiality and auditability preserved for all business sensitive transactions.

Maintain market competitiveness and complement the corporate strategy of a Customer-centric approach - This security solution allows the telecoms provider to extend services to partners and end-users in an increasingly competitive market place.