SlideShare una empresa de Scribd logo

Single sign on - SSO

Descargar como PPTX, PDF
A
Ajit Dadresa

Single sign on - SSO

Tecnología
1 de 14
Single Sign On - SSO
Introduction  Single sign-on is a method of access control  It is a user/session authentication process that permits a user to enter one name and password in order to access multiple applications  It authenticates the user for all the applications they have been given rights  It eliminates further prompts when they switch applications during a particular session http://www.ifour-consultancy.com Offshore software development company India
Advantages  Reduced operational cost  Reduced time to access data  Improved user experience, as not many password to be remembered  Developer work is reduced  Centralized management of users, roles  Simplified administration http://www.ifour-consultancy.com Offshore software development company India
Disadvantages  Difficult to retrofit: An SSO solution can be difficult, time-consuming, and expensive to retrofit to existing applications  Unattended desktop: Implementing SSO reduces some security risks, but increases others. For example, a malicious user could gain access to a user’s resources if the user walks away from his machine and leaves it logged in  Single point of attack: With single sign-on, a single, central authentication service is used by all applications. This is an attractive target for hackers who may decide to carry out a denial of service attack http://www.ifour-consultancy.com Offshore software development company India
Types Of SSO  Password Synchronization  Legacy SSO (Employee/Enterprise SSO)  Web Access Management (WAM)  Cross Domain (realm) SSO  Federated SSO http://www.ifour-consultancy.com Offshore software development company India
Password Synchronization  A process that coordinates passwords across multiple computers and devices and/or applications  Each computer, device, application still authenticates but behind the scene  Products: ◦ MTech’s P-Synch ◦ SecurePass ◦ SAM Pass Synch http://www.ifour-consultancy.com Offshore software development company India
Password Synchronization  It is low in cost, have a low impact on the operations environment  In order for this to be a secure solution, the password that is captured must be stored in volatile memory and be passed encrypted via secure channels http://www.ifour-consultancy.com Offshore software development company India
Legacy SSO(eSSO)  Enterprise or Employee SSO  After primary authentication, it intercepts further login prompts and fills them for automatically  E-SSO systems interoperate with applications that are unable to externalize user authentication by screen scraping  Screen Scraping: A type of software that captures the window information for an application’s authentication dialog box and stores the password in a database for when the dialog box opens in the future http://www.ifour-consultancy.com Offshore software development company India
Two Types of eSSO  Script based ◦ Write a script that would take the target applications credentials and launch the application ◦ Requires modification of desktop icons  Application wizard based ◦ Runs a service on the client that continually monitors the workstation for login dialog boxes ◦ Event based, cheaper, and easier to deploy http://www.ifour-consultancy.com Offshore software development company India
Basic Web SSO (WAM)  Also known as Web access management  It is browser based application  Cookie support is required  Authentication is achieved when user identification information is presented and stored in a cookie on the Web proxy server or a targeted Web server  The information in the cookie is retrieved each time the end-user attempts to enter a Web portal or new Web resource  Single sign-on to applications deployed on a single web server (domain) http://www.ifour-consultancy.com Offshore software development company India
Cross Domain SSO  Multiple realms that manage user credentials  A user authenticated in one realm gets signed-on to an application using another realm typically with in the same enterprise http://www.ifour-consultancy.com Offshore software development company India
Federated SSO  Extend SSO across enterprises  Liberty Alliance, OASIS, IBM/Microsoft  Advantages ◦ Establishment of trusted partnerships ◦ New revenue opportunities ◦ New, efficient, and production biz models http://www.ifour-consultancy.com Offshore software development company India
Liberty Model for federated SSO http://www.ifour-consultancy.com Offshore software development company India
References  http://en.wikipedia.org/wiki/Single_sign-on  Single Sign On Through Password Synchronization - Nancy Loveland  Web Single Sign-On Systems - Shakir James  White Paper – “The Realities of Single Sign-On”  Symbiosis Students  Gargi Shukla  Pankaj Sukhdeve  Siddharth Khurana  Ankit Sharma http://www.ifour-consultancy.com Offshore software development company India

Recomendados

SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ONShambhavi Sahay
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
What is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnWhat is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnRiddhi Sood
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
SIngle Sign On with Keycloak
SIngle Sign On with KeycloakSIngle Sign On with Keycloak
SIngle Sign On with KeycloakJulien Pivotto
 
Single Sign On Considerations
Single Sign On ConsiderationsSingle Sign On Considerations
Single Sign On ConsiderationsVenkat Gattamaneni
 

Recomendados

SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ONShambhavi Sahay
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
What is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnWhat is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnRiddhi Sood
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
SIngle Sign On with Keycloak
SIngle Sign On with KeycloakSIngle Sign On with Keycloak
SIngle Sign On with KeycloakJulien Pivotto
 
Single Sign On Considerations
Single Sign On ConsiderationsSingle Sign On Considerations
Single Sign On ConsiderationsVenkat Gattamaneni
 
Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOOliver Mueller
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol OverviewMike Schwartz
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML Programming Talents
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2Aaron Parecki
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuthDan Brinkmann
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectVinay Manglani
 
APISecurity_OWASP_MitigationGuide
APISecurity_OWASP_MitigationGuide APISecurity_OWASP_MitigationGuide
APISecurity_OWASP_MitigationGuide Isabelle Mauny
 
Okta docs
Okta docsOkta docs
Okta docsSam Bauch
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect ExplainedVladimir Dzhuvinov
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & GuidelinesPrabath Siriwardena
 
JS authentication with auth0
JS authentication with auth0JS authentication with auth0
JS authentication with auth0Viral Parmar
 
Rest API Security
Rest API SecurityRest API Security
Rest API SecurityStormpath
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web APIBrad Genereaux
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
API Security Fundamentals
API Security FundamentalsAPI Security Fundamentals
API Security FundamentalsJosé Haro Peralta
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewMichael Furman
 
Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101Mike Schwartz
 
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onFast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onCraig Dickson
 

Más contenido relacionado

La actualidad más candente

Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOOliver Mueller
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol OverviewMike Schwartz
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2Aaron Parecki
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectVinay Manglani
 
APISecurity_OWASP_MitigationGuide
APISecurity_OWASP_MitigationGuide APISecurity_OWASP_MitigationGuide
APISecurity_OWASP_MitigationGuide Isabelle Mauny
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & GuidelinesPrabath Siriwardena
 
JS authentication with auth0
JS authentication with auth0JS authentication with auth0
JS authentication with auth0Viral Parmar
 
Rest API Security
Rest API SecurityRest API Security
Rest API SecurityStormpath
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web APIBrad Genereaux
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewMichael Furman
 

La actualidad más candente (20)

Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSO
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol Overview
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
 
APISecurity_OWASP_MitigationGuide
APISecurity_OWASP_MitigationGuide APISecurity_OWASP_MitigationGuide
APISecurity_OWASP_MitigationGuide
 
Okta docs
Okta docsOkta docs
Okta docs
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
JS authentication with auth0
JS authentication with auth0JS authentication with auth0
JS authentication with auth0
 
Rest API Security
Rest API SecurityRest API Security
Rest API Security
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web API
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
 
API Security Fundamentals
API Security FundamentalsAPI Security Fundamentals
API Security Fundamentals
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's New
 

Destacado

Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onFast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onCraig Dickson
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancyDevam Shah
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptwebhostingguy
 
Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14Aileen Buckley
 
What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2Aileen Buckley
 
Sso cases Experience
Sso cases ExperienceSso cases Experience
Sso cases ExperienceVu Tran 14
 
CIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the ClientCIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the ClientCloudIDSummit
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case StudyEbizon
 
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014Geodata AS
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsCA API Management
 
Single sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceSingle sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceCA API Management
 
Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)Brian Campbell
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPSAshish Jain
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSOAshish Jain
 

Destacado (20)

Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101
 
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onFast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
 
Single sign on
Single sign onSingle sign on
Single sign on
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
 
Single Sign-On Best Practices
Single Sign-On Best PracticesSingle Sign-On Best Practices
Single Sign-On Best Practices
 
IBM Single Sign-On
IBM Single Sign-OnIBM Single Sign-On
IBM Single Sign-On
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
 
Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14
 
What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2
 
Sso cases Experience
Sso cases ExperienceSso cases Experience
Sso cases Experience
 
CIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the ClientCIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the Client
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case Study
 
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing Passwords
 
SSO - SIngle Sign On
SSO - SIngle Sign OnSSO - SIngle Sign On
SSO - SIngle Sign On
 
Single sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceSingle sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConference
 
Oauth2.0
Oauth2.0Oauth2.0
Oauth2.0
 
Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
 

Similar a Single sign on - SSO

Authentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsAuthentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsSalesforce Developers
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industryAjit Dadresa
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application PlatformNugroho Gito
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex EnterpriseLa Lakis
 
Identity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicIdentity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicVMware Academy
 
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...irawan afrianto
 
SphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and SecuritySphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and SecurityYoav Crombie
 
SSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementSSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementManish Harsh
 
20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.ppt20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.pptVideoguy
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdfMulti_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdfMeetsolanki39
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itPeter Daalmans
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
SphereShield For Skype - Presentation
SphereShield For Skype - PresentationSphereShield For Skype - Presentation
SphereShield For Skype - PresentationAGATSoftware
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesHitachi ID Systems, Inc.
 
Remote Management of Embedded Android Devices
Remote Management of Embedded Android DevicesRemote Management of Embedded Android Devices
Remote Management of Embedded Android DevicesVIA Embedded
 
Enterprise Mobile Security for PeopleSoft
Enterprise Mobile Security for PeopleSoftEnterprise Mobile Security for PeopleSoft
Enterprise Mobile Security for PeopleSoftHendrix Bodden
 

Similar a Single sign on - SSO (20)

International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)
 
Authentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsAuthentication with OAuth and Connected Apps
Authentication with OAuth and Connected Apps
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industry
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application Platform
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex Enterprise
 
Identity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicIdentity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - Infographic
 
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
 
SphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and SecuritySphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and Security
 
SSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementSSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy Management
 
Sign On Express for BPO
Sign On Express for BPOSign On Express for BPO
Sign On Express for BPO
 
20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.ppt20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.ppt
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect Design
 
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdfMulti_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure it
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
SphereShield For Skype - Presentation
SphereShield For Skype - PresentationSphereShield For Skype - Presentation
SphereShield For Skype - Presentation
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
 
Remote Management of Embedded Android Devices
Remote Management of Embedded Android DevicesRemote Management of Embedded Android Devices
Remote Management of Embedded Android Devices
 
Enterprise Mobile Security for PeopleSoft
Enterprise Mobile Security for PeopleSoftEnterprise Mobile Security for PeopleSoft
Enterprise Mobile Security for PeopleSoft
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 

Último

Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Último (20)

Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

Single sign on - SSO

  • 2. Introduction  Single sign-on is a method of access control  It is a user/session authentication process that permits a user to enter one name and password in order to access multiple applications  It authenticates the user for all the applications they have been given rights  It eliminates further prompts when they switch applications during a particular session http://www.ifour-consultancy.com Offshore software development company India
  • 3. Advantages  Reduced operational cost  Reduced time to access data  Improved user experience, as not many password to be remembered  Developer work is reduced  Centralized management of users, roles  Simplified administration http://www.ifour-consultancy.com Offshore software development company India
  • 4. Disadvantages  Difficult to retrofit: An SSO solution can be difficult, time-consuming, and expensive to retrofit to existing applications  Unattended desktop: Implementing SSO reduces some security risks, but increases others. For example, a malicious user could gain access to a user’s resources if the user walks away from his machine and leaves it logged in  Single point of attack: With single sign-on, a single, central authentication service is used by all applications. This is an attractive target for hackers who may decide to carry out a denial of service attack http://www.ifour-consultancy.com Offshore software development company India
  • 5. Types Of SSO  Password Synchronization  Legacy SSO (Employee/Enterprise SSO)  Web Access Management (WAM)  Cross Domain (realm) SSO  Federated SSO http://www.ifour-consultancy.com Offshore software development company India
  • 6. Password Synchronization  A process that coordinates passwords across multiple computers and devices and/or applications  Each computer, device, application still authenticates but behind the scene  Products: ◦ MTech’s P-Synch ◦ SecurePass ◦ SAM Pass Synch http://www.ifour-consultancy.com Offshore software development company India
  • 7. Password Synchronization  It is low in cost, have a low impact on the operations environment  In order for this to be a secure solution, the password that is captured must be stored in volatile memory and be passed encrypted via secure channels http://www.ifour-consultancy.com Offshore software development company India
  • 8. Legacy SSO(eSSO)  Enterprise or Employee SSO  After primary authentication, it intercepts further login prompts and fills them for automatically  E-SSO systems interoperate with applications that are unable to externalize user authentication by screen scraping  Screen Scraping: A type of software that captures the window information for an application’s authentication dialog box and stores the password in a database for when the dialog box opens in the future http://www.ifour-consultancy.com Offshore software development company India
  • 9. Two Types of eSSO  Script based ◦ Write a script that would take the target applications credentials and launch the application ◦ Requires modification of desktop icons  Application wizard based ◦ Runs a service on the client that continually monitors the workstation for login dialog boxes ◦ Event based, cheaper, and easier to deploy http://www.ifour-consultancy.com Offshore software development company India
  • 10. Basic Web SSO (WAM)  Also known as Web access management  It is browser based application  Cookie support is required  Authentication is achieved when user identification information is presented and stored in a cookie on the Web proxy server or a targeted Web server  The information in the cookie is retrieved each time the end-user attempts to enter a Web portal or new Web resource  Single sign-on to applications deployed on a single web server (domain) http://www.ifour-consultancy.com Offshore software development company India
  • 11. Cross Domain SSO  Multiple realms that manage user credentials  A user authenticated in one realm gets signed-on to an application using another realm typically with in the same enterprise http://www.ifour-consultancy.com Offshore software development company India
  • 12. Federated SSO  Extend SSO across enterprises  Liberty Alliance, OASIS, IBM/Microsoft  Advantages ◦ Establishment of trusted partnerships ◦ New revenue opportunities ◦ New, efficient, and production biz models http://www.ifour-consultancy.com Offshore software development company India
  • 13. Liberty Model for federated SSO http://www.ifour-consultancy.com Offshore software development company India
  • 14. References  http://en.wikipedia.org/wiki/Single_sign-on  Single Sign On Through Password Synchronization - Nancy Loveland  Web Single Sign-On Systems - Shakir James  White Paper – “The Realities of Single Sign-On”  Symbiosis Students  Gargi Shukla  Pankaj Sukhdeve  Siddharth Khurana  Ankit Sharma http://www.ifour-consultancy.com Offshore software development company India

Notas del editor

  1. Offshore software development company India – http://www.ifour-consultancy.com
  2. Offshore software development company India – http://www.ifour-consultancy.com
  3. Offshore software development company India – http://www.ifour-consultancy.com
  4. Offshore software development company India – http://www.ifour-consultancy.com
  5. Offshore software development company India – http://www.ifour-consultancy.com
  6. Offshore software development company India – http://www.ifour-consultancy.com
  7. Offshore software development company India – http://www.ifour-consultancy.com
  8. Offshore software development company India – http://www.ifour-consultancy.com
  9. Offshore software development company India – http://www.ifour-consultancy.com
  10. Offshore software development company India – http://www.ifour-consultancy.com
  11. Offshore software development company India – http://www.ifour-consultancy.com
  12. Offshore software development company India – http://www.ifour-consultancy.com
  13. Offshore software development company India – http://www.ifour-consultancy.com
  14. Offshore software development company India – http://www.ifour-consultancy.com