Kruthi Neela and Niharika Avasarala ENTERPRISE SINGLE SIGNON
- Slides: 11
Kruthi Neela and Niharika Avasarala ENTERPRISE SINGLE SIGN-ON 6/7/2021 © Clemson University Fall 2009 1
Agenda ü What is Enterprise Single Sign-On? ü Why Enterprise Single Sign-On? ü Components and implementation of Enterprise Single Sign-On ü Multifactor Authentication – Better Security ü Benefits of Enterprise Single Sign-On 6/7/2021 © Clemson University Fall 2009 2
What is Enterprise Single Sign-On? The advent of client/server applications and the evolution of the Internet have increased the number of identities that we need to remember to a significant extent Single Sign-On : A mechanism which enables a user to access all computers and systems where he has access permissions without the need to enter multiple passwords through a single action of user authentication and authorization 6/7/2021 © Clemson University Fall 2009 3
Types of Single Sign-On can be broadly classified into three types Enterprise Single Sign-On This type of single sign-on caters to the authentication needs of a wide range of applications including mainframe, terminal and web applications Web Single Sign-On This offers single sign-on services to a wide user base including business partners and customers of an organization but is limited to web based applications Federated Single Sign-On This is an extranet browser based authentication mechanism which provides single sign on to both employees and business partners. The remote system grants access by validating identity assertions. 6/7/2021 © Clemson University Fall 2009 4
Why Enterprise Single Sign-On? 6/7/2021 © Clemson University Fall 2009 5
Components and Implementation of an Enterprise Single Sign-On system The components of an enterprise single sign-on system depends on the vendor providing the ESSO solution. Some of the most common components you find in any Enterprise Single Sign-On system are Central Data Repository Application/Web Server Directory Server 6/7/2021 © Clemson University Fall 2009 6
Components and Implementation of an Enterprise Single Sign-On system 6/7/2021 © Clemson University Fall 2009 7
Multifactor Authentication Efficient implementation of ESSO can provide various benefits not only for the users but for the overall organizational information security as well. But, a poorly implemented SSO system can in fact compromise an organization’s data security. It is a common practice for organizations to use multifactor authentication for more robust security. 6/7/2021 © Clemson University Fall 2009 8
Multifactor Authentication 6/7/2021 © Clemson University Fall 2009 9
Benefits of Enterprise Single Sign-On ü Cuts down the time wasted by users on password related activities ü Reduces help desk costs ü Reduces human error by maintaining data consistency throughout the organization ü Ensures secure storage of passwords by encryption and so avoids information leaks ü Lessens the responsibility of password protection schemes on users making it easier to enforce password policies ü Protects confidentiality by restricting access according to users and groups 6/7/2021 © Clemson University Fall 2009 10
Thank you … Questions? 6/7/2021 © Clemson University Fall 2009 11