Single sign-onBackgroundChallengesIndustriesSlide 5Questions?Single sign-onMike LaddNazia RaoofBret Walker Kumar MukherjeeRajesh RadhakrishnanBackgroundUser wants to log in onceAccess multiple applications or third party sitesLog in with his or her credentials/profileBusiness case: corporation has 15,000 retail storesloose more than $1,000,000 per year due to high labor costs associated with multiple authentication, unnecessary user clicks, forgotten passwords, firewall issuesChallengesBuild or Buy decisionsIntegration issues Still in infancy & little or no standardsHigh availability and Enterprise wide issuesService offerings vs. appropriate usersLicensing issuesWrite your own SSO server?Myriads of interfaces to writeBuy?Limited optionsProprietary implementationsLegacy applications, Email Solutions, Content Management solutions, Mainframe/Unix/Windows, owned solutionsAvailability of connectorsJOSSO/SAML emerging but in infancyOpen to whole world scenario if not carefully plannedIndustriesAgricultureAutomotiveTransportationConstructionEducation Financial ServicesGovernmentHealthcareReal EstateSSO technology is applicable to any industry involved in using multiple applications and multiple computers systems with authentication requirements:1. Users have enough to worry about in their pressure-packed jobs without having to remember multiple passwords for multiple applications and multiple PC terminals that they may have to use at work. 2. Cost are associated with users calling help desk for password resets3. Password inflation and security weaknesses raised by multiple logons.4. SSO access management infrastructure to control user access to its tools for product development, procurement and supply chain management, etc5. SSO allows users access to only applications and resources they have been authorized to access.Technology Pros ConsLDAP Widely used Might not be supported by app Complex coordinationKerberos Widely used Complex May not be open to outside worldCustom solution Fits needs exactly Single use Potentially more complex / insecureWindows Live ID Web-based Users may already have account Not widely supported Managed by third partyQuestions?Road Runners will discuss a solution for this issue on June 7, 2008. Don’t miss
View Full Document