VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
Lecture #9 : Single Sign on and Federation Identity Management
1. djlogo.jpg
Lecture #9: Single Sign on and Federation Identity
Management
Dr.Ramchandra Mangrulkar
August 19, 2020
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 1 / 21
2. djlogo.jpg
Identity Management
Identity management refers to the policies, processes, and technologies that
establish user identities and enforce rules about access to digital resources.
People use the Internet to manage finances, access employer resources, shop,
and communicate.
Activity involves interacting with a service provider.
Typically require that each user have a digital identity.
Management of digital identity is an issue.
Hence, Identity management.
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 2 / 21
3. djlogo.jpg
Prior to Identity Management
Each service provider maintains a set of user identities
Users have many identities
Becomes a management burden
Creates potential points of failure
Privacy violations and identity theft
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 3 / 21
4. djlogo.jpg
Federated Identity Management
A Federation is a group of providers that trust each other’s credentials.
e.g. ATM card works with various bank federations such as Dena,SBI, HDFC
etc.
Sometimes called identity federation.
User can authenticate to one domain and then access resources in the other
domain without having to perform a separate login process.
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 4 / 21
5. djlogo.jpg
Single Sign On (SSO)
Single Sign-on (SSO) occurs when a user logs in to one application and is
then signed in to other applications automatically, regardless of the platform,
technology, or domain the user is using.
example, if you log in to a Google service such as Gmail, you are
automatically authenticated to YouTube, AdSense, Google Analytics, and
other Google apps.
example, if you have office 365 login, then u can easily access all the office
apps such as One Drive, Microsoft Power Automate, Power BI, Stream,
Yammer etc.
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 5 / 21
6. djlogo.jpg
Single Sign On (SSO) Components
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 6 / 21
7. djlogo.jpg
SSO Sessions
Single Sign-on and Single Logout are possible through the use of sessions.
Three different sessions for a user with SSO:
Local session maintained by the application
Authorization Server session, if SSO is enabled
Identity Provider session, if the user chose to log in through an Identity
Provider
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 7 / 21
8. djlogo.jpg
SSO Protocolsa
ahttps://auth0.com/docs/sso#saml-and-ws-federation
SAML and WS-Federation
Three different sessions for a user with SSO:
Local session maintained by the application
Authorization Server session, if SSO is enabled
Identity Provider session, if the user chose to log in through an Identity
Provider
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 8 / 21
9. djlogo.jpg
Demonstration of Single Sign On (SSO)
SSO concept is used to access Two different Applications viz. Power BI and
Power Automate with the help of office credientials.
Microsoft office credentials (Identity Management Server)
Microsoft Power BI (Application 1)
Microsoft Power Automate (Application 2)
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 9 / 21
18. djlogo.jpg
Demonstration of Federated Identity Management (FIM)
SSO and FIM together, Overleaf is accessed with the help of IEEE
Credentials, Google Credentials or Twitter Credentials.
Slideshare can be accessed with Linkedin and Facebook credentials.
Google Credentials (Identity Management Server)
Google Drive (Application 1) -SSO
Google Doc (Application 2) - SSO
Overleaf - FIM (IEEE, Google, Twitter)
Slideshare - FIM (Linkedin, Facebook)
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 18 / 21
21. djlogo.jpg
Self Study: Microsoft Active Directory Federation Service
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/ad-fs-
overview
Dr.Ramchandra Mangrulkar Lecture #9: Single Sign on and Federation Identity Management August 19, 2020 21 / 21