SlideShare une entreprise Scribd logo

Single sign on - SSO

Télécharger en tant que PPTX, PDF
A
Ajit Dadresa

Single sign on - SSO

Technologie
1  sur  14
Single Sign On - SSO
Introduction  Single sign-on is a method of access control  It is a user/session authentication process that permits a user to enter one name and password in order to access multiple applications  It authenticates the user for all the applications they have been given rights  It eliminates further prompts when they switch applications during a particular session http://www.ifour-consultancy.com Offshore software development company India
Advantages  Reduced operational cost  Reduced time to access data  Improved user experience, as not many password to be remembered  Developer work is reduced  Centralized management of users, roles  Simplified administration http://www.ifour-consultancy.com Offshore software development company India
Disadvantages  Difficult to retrofit: An SSO solution can be difficult, time-consuming, and expensive to retrofit to existing applications  Unattended desktop: Implementing SSO reduces some security risks, but increases others. For example, a malicious user could gain access to a user’s resources if the user walks away from his machine and leaves it logged in  Single point of attack: With single sign-on, a single, central authentication service is used by all applications. This is an attractive target for hackers who may decide to carry out a denial of service attack http://www.ifour-consultancy.com Offshore software development company India
Types Of SSO  Password Synchronization  Legacy SSO (Employee/Enterprise SSO)  Web Access Management (WAM)  Cross Domain (realm) SSO  Federated SSO http://www.ifour-consultancy.com Offshore software development company India
Password Synchronization  A process that coordinates passwords across multiple computers and devices and/or applications  Each computer, device, application still authenticates but behind the scene  Products: ◦ MTech’s P-Synch ◦ SecurePass ◦ SAM Pass Synch http://www.ifour-consultancy.com Offshore software development company India
Password Synchronization  It is low in cost, have a low impact on the operations environment  In order for this to be a secure solution, the password that is captured must be stored in volatile memory and be passed encrypted via secure channels http://www.ifour-consultancy.com Offshore software development company India
Legacy SSO(eSSO)  Enterprise or Employee SSO  After primary authentication, it intercepts further login prompts and fills them for automatically  E-SSO systems interoperate with applications that are unable to externalize user authentication by screen scraping  Screen Scraping: A type of software that captures the window information for an application’s authentication dialog box and stores the password in a database for when the dialog box opens in the future http://www.ifour-consultancy.com Offshore software development company India
Two Types of eSSO  Script based ◦ Write a script that would take the target applications credentials and launch the application ◦ Requires modification of desktop icons  Application wizard based ◦ Runs a service on the client that continually monitors the workstation for login dialog boxes ◦ Event based, cheaper, and easier to deploy http://www.ifour-consultancy.com Offshore software development company India
Basic Web SSO (WAM)  Also known as Web access management  It is browser based application  Cookie support is required  Authentication is achieved when user identification information is presented and stored in a cookie on the Web proxy server or a targeted Web server  The information in the cookie is retrieved each time the end-user attempts to enter a Web portal or new Web resource  Single sign-on to applications deployed on a single web server (domain) http://www.ifour-consultancy.com Offshore software development company India
Cross Domain SSO  Multiple realms that manage user credentials  A user authenticated in one realm gets signed-on to an application using another realm typically with in the same enterprise http://www.ifour-consultancy.com Offshore software development company India
Federated SSO  Extend SSO across enterprises  Liberty Alliance, OASIS, IBM/Microsoft  Advantages ◦ Establishment of trusted partnerships ◦ New revenue opportunities ◦ New, efficient, and production biz models http://www.ifour-consultancy.com Offshore software development company India
Liberty Model for federated SSO http://www.ifour-consultancy.com Offshore software development company India
References  http://en.wikipedia.org/wiki/Single_sign-on  Single Sign On Through Password Synchronization - Nancy Loveland  Web Single Sign-On Systems - Shakir James  White Paper – “The Realities of Single Sign-On”  Symbiosis Students  Gargi Shukla  Pankaj Sukhdeve  Siddharth Khurana  Ankit Sharma http://www.ifour-consultancy.com Offshore software development company India

Recommandé

SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101Mike Schwartz
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ONShambhavi Sahay
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Identacor
 
Single Sign On Considerations
Single Sign On ConsiderationsSingle Sign On Considerations
Single Sign On ConsiderationsVenkat Gattamaneni
 

Recommandé

SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101Mike Schwartz
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ONShambhavi Sahay
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Identacor
 
Single Sign On Considerations
Single Sign On ConsiderationsSingle Sign On Considerations
Single Sign On ConsiderationsVenkat Gattamaneni
 
Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOOliver Mueller
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World42Crunch
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancyDevam Shah
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
SRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationSRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationAmazon Web Services
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Jack Forbes
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML Programming Talents
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseLance Peterman
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An IntroductionVenkatesh Narayanan
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API ManagementApigee | Google Cloud
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active DirectoryDavid J Rosenthal
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuthDan Brinkmann
 
Iam presentation
Iam presentationIam presentation
Iam presentationAWS UG PK
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure ADNew Horizons Ireland
 
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onFast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onCraig Dickson
 
Single sign on
Single sign onSingle sign on
Single sign onRob Fitzgibbon
 

Contenu connexe

Tendances

Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOOliver Mueller
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World42Crunch
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancyDevam Shah
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
SRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationSRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationAmazon Web Services
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Jack Forbes
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseLance Peterman
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An IntroductionVenkatesh Narayanan
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active DirectoryDavid J Rosenthal
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
Iam presentation
Iam presentationIam presentation
Iam presentationAWS UG PK
 

Tendances (20)

Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSO
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
SRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationSRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and Authorization
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity Management
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API Management
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
 
Iam presentation
Iam presentationIam presentation
Iam presentation
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure AD
 

En vedette

Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onFast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onCraig Dickson
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptwebhostingguy
 
Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14Aileen Buckley
 
What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2Aileen Buckley
 
Sso cases Experience
Sso cases ExperienceSso cases Experience
Sso cases ExperienceVu Tran 14
 
CIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the ClientCIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the ClientCloudIDSummit
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case StudyEbizon
 
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014Geodata AS
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsCA API Management
 
Single sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceSingle sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceCA API Management
 
Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)Brian Campbell
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPSAshish Jain
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSOAshish Jain
 
분산형 컴퓨팅 플랫폼 [에테리움]
분산형 컴퓨팅 플랫폼 [에테리움]분산형 컴퓨팅 플랫폼 [에테리움]
분산형 컴퓨팅 플랫폼 [에테리움]inucreative
 

En vedette (19)

Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-onFast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
 
Single sign on
Single sign onSingle sign on
Single sign on
 
Single Sign-On Best Practices
Single Sign-On Best PracticesSingle Sign-On Best Practices
Single Sign-On Best Practices
 
IBM Single Sign-On
IBM Single Sign-OnIBM Single Sign-On
IBM Single Sign-On
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
 
Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14Designing more engaging_maps_buckley_11-13-14
Designing more engaging_maps_buckley_11-13-14
 
What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2What's New for Cartography in ArcGIS 10.2
What's New for Cartography in ArcGIS 10.2
 
Sso cases Experience
Sso cases ExperienceSso cases Experience
Sso cases Experience
 
CIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the ClientCIS13: Mobile Single Sign-On: Extending SSO Out to the Client
CIS13: Mobile Single Sign-On: Extending SSO Out to the Client
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case Study
 
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
ArcGIS for Server, Portal for ArcGIS and the Road Ahead - Esri norsk BK 2014
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing Passwords
 
SSO - SIngle Sign On
SSO - SIngle Sign OnSSO - SIngle Sign On
SSO - SIngle Sign On
 
Single sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceSingle sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConference
 
Oauth2.0
Oauth2.0Oauth2.0
Oauth2.0
 
Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)Mobile Single Sign-On (Gluecon '15)
Mobile Single Sign-On (Gluecon '15)
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
 
분산형 컴퓨팅 플랫폼 [에테리움]
분산형 컴퓨팅 플랫폼 [에테리움]분산형 컴퓨팅 플랫폼 [에테리움]
분산형 컴퓨팅 플랫폼 [에테리움]
 

Similaire à Single sign on - SSO

sso_on_new system with security is more concern
sso_on_new system with security is more concernsso_on_new system with security is more concern
sso_on_new system with security is more concern2022mt93375
 
Authentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsAuthentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsSalesforce Developers
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industryAjit Dadresa
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application PlatformNugroho Gito
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex EnterpriseLa Lakis
 
Identity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicIdentity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicVMware Academy
 
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...irawan afrianto
 
SphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and SecuritySphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and SecurityYoav Crombie
 
SSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementSSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementManish Harsh
 
What is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnWhat is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnRiddhi Sood
 
20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.ppt20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.pptVideoguy
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdfMulti_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdfMeetsolanki39
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itPeter Daalmans
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
SphereShield For Skype - Presentation
SphereShield For Skype - PresentationSphereShield For Skype - Presentation
SphereShield For Skype - PresentationAGATSoftware
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesHitachi ID Systems, Inc.
 
Remote Management of Embedded Android Devices
Remote Management of Embedded Android DevicesRemote Management of Embedded Android Devices
Remote Management of Embedded Android DevicesVIA Embedded
 

Similaire à Single sign on - SSO (20)

International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)
 
sso_on_new system with security is more concern
sso_on_new system with security is more concernsso_on_new system with security is more concern
sso_on_new system with security is more concern
 
Authentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsAuthentication with OAuth and Connected Apps
Authentication with OAuth and Connected Apps
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industry
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application Platform
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex Enterprise
 
Identity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicIdentity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - Infographic
 
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
Implementation of Single Sign On (SSO) Technology Using SAML Standards At U...
 
SphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and SecuritySphereShield for Skype for Business - Compliance and Security
SphereShield for Skype for Business - Compliance and Security
 
SSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementSSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy Management
 
What is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnWhat is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign On
 
Sign On Express for BPO
Sign On Express for BPOSign On Express for BPO
Sign On Express for BPO
 
20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.ppt20040928-Collaboration-Kosaka.ppt
20040928-Collaboration-Kosaka.ppt
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect Design
 
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdfMulti_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
Multi_Factor_Authentication_against_Data_Theft_PPTDark_Blue_Brown.pdf
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure it
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
SphereShield For Skype - Presentation
SphereShield For Skype - PresentationSphereShield For Skype - Presentation
SphereShield For Skype - Presentation
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
 
Remote Management of Embedded Android Devices
Remote Management of Embedded Android DevicesRemote Management of Embedded Android Devices
Remote Management of Embedded Android Devices
 

Dernier

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 

Dernier (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 

Single sign on - SSO

  • 2. Introduction  Single sign-on is a method of access control  It is a user/session authentication process that permits a user to enter one name and password in order to access multiple applications  It authenticates the user for all the applications they have been given rights  It eliminates further prompts when they switch applications during a particular session http://www.ifour-consultancy.com Offshore software development company India
  • 3. Advantages  Reduced operational cost  Reduced time to access data  Improved user experience, as not many password to be remembered  Developer work is reduced  Centralized management of users, roles  Simplified administration http://www.ifour-consultancy.com Offshore software development company India
  • 4. Disadvantages  Difficult to retrofit: An SSO solution can be difficult, time-consuming, and expensive to retrofit to existing applications  Unattended desktop: Implementing SSO reduces some security risks, but increases others. For example, a malicious user could gain access to a user’s resources if the user walks away from his machine and leaves it logged in  Single point of attack: With single sign-on, a single, central authentication service is used by all applications. This is an attractive target for hackers who may decide to carry out a denial of service attack http://www.ifour-consultancy.com Offshore software development company India
  • 5. Types Of SSO  Password Synchronization  Legacy SSO (Employee/Enterprise SSO)  Web Access Management (WAM)  Cross Domain (realm) SSO  Federated SSO http://www.ifour-consultancy.com Offshore software development company India
  • 6. Password Synchronization  A process that coordinates passwords across multiple computers and devices and/or applications  Each computer, device, application still authenticates but behind the scene  Products: ◦ MTech’s P-Synch ◦ SecurePass ◦ SAM Pass Synch http://www.ifour-consultancy.com Offshore software development company India
  • 7. Password Synchronization  It is low in cost, have a low impact on the operations environment  In order for this to be a secure solution, the password that is captured must be stored in volatile memory and be passed encrypted via secure channels http://www.ifour-consultancy.com Offshore software development company India
  • 8. Legacy SSO(eSSO)  Enterprise or Employee SSO  After primary authentication, it intercepts further login prompts and fills them for automatically  E-SSO systems interoperate with applications that are unable to externalize user authentication by screen scraping  Screen Scraping: A type of software that captures the window information for an application’s authentication dialog box and stores the password in a database for when the dialog box opens in the future http://www.ifour-consultancy.com Offshore software development company India
  • 9. Two Types of eSSO  Script based ◦ Write a script that would take the target applications credentials and launch the application ◦ Requires modification of desktop icons  Application wizard based ◦ Runs a service on the client that continually monitors the workstation for login dialog boxes ◦ Event based, cheaper, and easier to deploy http://www.ifour-consultancy.com Offshore software development company India
  • 10. Basic Web SSO (WAM)  Also known as Web access management  It is browser based application  Cookie support is required  Authentication is achieved when user identification information is presented and stored in a cookie on the Web proxy server or a targeted Web server  The information in the cookie is retrieved each time the end-user attempts to enter a Web portal or new Web resource  Single sign-on to applications deployed on a single web server (domain) http://www.ifour-consultancy.com Offshore software development company India
  • 11. Cross Domain SSO  Multiple realms that manage user credentials  A user authenticated in one realm gets signed-on to an application using another realm typically with in the same enterprise http://www.ifour-consultancy.com Offshore software development company India
  • 12. Federated SSO  Extend SSO across enterprises  Liberty Alliance, OASIS, IBM/Microsoft  Advantages ◦ Establishment of trusted partnerships ◦ New revenue opportunities ◦ New, efficient, and production biz models http://www.ifour-consultancy.com Offshore software development company India
  • 13. Liberty Model for federated SSO http://www.ifour-consultancy.com Offshore software development company India
  • 14. References  http://en.wikipedia.org/wiki/Single_sign-on  Single Sign On Through Password Synchronization - Nancy Loveland  Web Single Sign-On Systems - Shakir James  White Paper – “The Realities of Single Sign-On”  Symbiosis Students  Gargi Shukla  Pankaj Sukhdeve  Siddharth Khurana  Ankit Sharma http://www.ifour-consultancy.com Offshore software development company India

Notes de l'éditeur

  1. Offshore software development company India – http://www.ifour-consultancy.com
  2. Offshore software development company India – http://www.ifour-consultancy.com
  3. Offshore software development company India – http://www.ifour-consultancy.com
  4. Offshore software development company India – http://www.ifour-consultancy.com
  5. Offshore software development company India – http://www.ifour-consultancy.com
  6. Offshore software development company India – http://www.ifour-consultancy.com
  7. Offshore software development company India – http://www.ifour-consultancy.com
  8. Offshore software development company India – http://www.ifour-consultancy.com
  9. Offshore software development company India – http://www.ifour-consultancy.com
  10. Offshore software development company India – http://www.ifour-consultancy.com
  11. Offshore software development company India – http://www.ifour-consultancy.com
  12. Offshore software development company India – http://www.ifour-consultancy.com
  13. Offshore software development company India – http://www.ifour-consultancy.com
  14. Offshore software development company India – http://www.ifour-consultancy.com