1. Single Sign On (SSO)
Benefits, challenges and case study
• Single sign-on (SSO)is a session/user authentication process that
permits a user to enter one username and password in order to
access multiple applications. The process authenticates the user for
all the applications they have been given rights to and eliminates
further prompts when they switch applications during a particular
3. Types of SSO
• Holy Grail
• Enterprise SSO
• Synchronization SSO
• Web SSO
4. HOLY GRAIL
• One identity gives you a single login.
• That single login to single directory gives you seamless access to all the applications.
• It is the most efficient ,secure and compliant way to do SSO.
ACTIVE DIR LOGIN
• Often also called as login automation.
• The end users login once, but behind the scenes the automation tool logs in to all the applications they
• The user has convenience but the IT staff still has to manage all the systems login, cause actual login still
happens to all the systems.
ACTIVE DIR Sync Tool
• A Sync Tool synchronizes all the directories and all the passwords across the system.
7. WEB SSO
• Allows the users which are coming remotely ,in a single login ,instead of multiple logins in multiple
8. Components of SSO process
9. ACTIVE DIR
• Saves Time and Efforts
• Fewer Passwords to Remember
• Reduced Phishing
• Reduced Operational Cost
• Fine Grained Auditing
• Effective Compliance
• Speeds Up Development
• Easier to Secure
• Resource Savings
• Rich User Experience
• Reduced headache of assisting users with password recovery
18. Who Uses Single Sign On ?
All trademarks, product names, and company names and logos appearing on this presentation are the property of their respective owners.
• “Keys to the Castle”: As single sign-
on provides access to many resources
once the user is initially authenticated
it increases the negative impact in
case the credentials are available to
other persons and misused.
• Single point of failure
20. • Therefore, single sign-on requires an
increased focus on the protection of the
user credentials, and should ideally be
combined with strong authentication
• Advance + Combined Methods
• smart cards
• one-time password tokens
• Fingerprint Scanner and Keystroke Dynamics
• Strict policies and standards
• Added cost
• Single sign-on also makes the authentication
systems highly critical; a loss of their
availability can result in denial of access to all
systems unified under the SSO. SSO can thus
be undesirable for systems to which access
must be guaranteed at all times, such as
security or plant-floor systems.
• Custom software development company India