2. Introduction
Single sign-on is a method of access
control
It is a user/session authentication process
that permits a user to enter one name and
password in order to access multiple
applications
It authenticates the user for all the
applications they have been given rights
It eliminates further prompts when they
switch applications during a particular
session
http://www.ifour-consultancy.com Offshore software development company India
3. Advantages
Reduced operational cost
Reduced time to access data
Improved user experience, as not many
password to be remembered
Developer work is reduced
Centralized management of users, roles
Simplified administration
http://www.ifour-consultancy.com Offshore software development company India
4. Disadvantages
Difficult to retrofit: An SSO solution can be
difficult, time-consuming, and expensive to retrofit to
existing applications
Unattended desktop: Implementing SSO reduces
some security risks, but increases others. For
example, a malicious user could gain access to a
user’s resources if the user walks away from his
machine and leaves it logged in
Single point of attack: With single sign-on, a
single, central authentication service is used by all
applications. This is an attractive target for hackers
who may decide to carry out a denial of service
attack
http://www.ifour-consultancy.com Offshore software development company India
5. Types Of SSO
Password Synchronization
Legacy SSO (Employee/Enterprise
SSO)
Web Access Management (WAM)
Cross Domain (realm) SSO
Federated SSO
http://www.ifour-consultancy.com Offshore software development company India
6. Password Synchronization
A process that coordinates passwords
across multiple computers and
devices and/or applications
Each computer, device, application
still authenticates but behind the
scene
Products:
◦ MTech’s P-Synch
◦ SecurePass
◦ SAM Pass Synch
http://www.ifour-consultancy.com Offshore software development company India
7. Password Synchronization
It is low in cost, have a low impact on
the operations environment
In order for this to be a secure
solution, the password that is captured
must be stored in volatile memory and
be passed encrypted via secure
channels
http://www.ifour-consultancy.com Offshore software development company India
8. Legacy SSO(eSSO)
Enterprise or Employee SSO
After primary authentication, it intercepts further login
prompts and fills them for automatically
E-SSO systems interoperate with applications that
are unable to externalize user authentication by
screen scraping
Screen Scraping: A type of software that captures the
window information for an application’s authentication
dialog box and stores the password in a database for
when the dialog box opens in the future
http://www.ifour-consultancy.com Offshore software development company India
9. Two Types of eSSO
Script based
◦ Write a script that would take the target
applications credentials and launch the
application
◦ Requires modification of desktop icons
Application wizard based
◦ Runs a service on the client that continually
monitors the workstation for login dialog
boxes
◦ Event based, cheaper, and easier to deploy
http://www.ifour-consultancy.com Offshore software development company India
10. Basic Web SSO (WAM)
Also known as Web access management
It is browser based application
Cookie support is required
Authentication is achieved when user
identification information is presented
and stored in a cookie on the Web proxy
server or a targeted Web server
The information in the cookie is retrieved
each time the end-user attempts to enter
a Web portal or new Web resource
Single sign-on to applications deployed
on a single web server (domain)
http://www.ifour-consultancy.com Offshore software development company India
11. Cross Domain SSO
Multiple realms that manage user
credentials
A user authenticated in one realm gets
signed-on to an application using
another realm typically with in the
same enterprise
http://www.ifour-consultancy.com Offshore software development company India
12. Federated SSO
Extend SSO across enterprises
Liberty Alliance, OASIS, IBM/Microsoft
Advantages
◦ Establishment of trusted partnerships
◦ New revenue opportunities
◦ New, efficient, and production biz models
http://www.ifour-consultancy.com Offshore software development company India
13. Liberty Model for federated SSO
http://www.ifour-consultancy.com Offshore software development company India
14. References
http://en.wikipedia.org/wiki/Single_sign-on
Single Sign On Through Password
Synchronization - Nancy Loveland
Web Single Sign-On Systems - Shakir
James
White Paper – “The Realities of Single
Sign-On”
Symbiosis Students
Gargi Shukla
Pankaj Sukhdeve
Siddharth Khurana
Ankit Sharma
http://www.ifour-consultancy.com Offshore software development company India
Notas del editor
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com