
SSO_Good_Bad_Ugly



  1. Single Sign-On (SSO): The Good, The Bad & The Ugly
     Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud+
     Principal, nControl, LLC; Adjunct Professor

  2. SSO: Good, Bad & Ugly
     • Presentation Overview
       – SSO
       – Pros & Cons
       – Where Do We Go From Here
       – Examples

  3. (image slide) Source: Flickr

  4. (image slide) Source: Flickr

  5. (image slide) Source: Flickr

  6. (image slide) Source: Flickr

  7. • SSO Standards & Categories:
       – Network: LDAP, Kerberos, RADIUS, RDBMS
         – e.g., OpenLDAP, AD, Tivoli Access Manager
       – Federated: SAML, OpenID, OAuth, WS-Federation, XACML
         – e.g., Keycloak, PingFederate, ADFS, RSA Federated

  8. (diagram slide) Source: Microsoft

  9. (diagram slide) Source: OASIS

  10. (diagram slide) Source: OASIS

  11. • SSO Ownership:
        – Business App Owners
        – Ecosystem: Partners / Vendors / Regulators
        – Centralized CIO / CISO
        – Decentralized CIO / CISO

  12. • SSO Implementation Pros & Cons:
        – Pros:
          – Consolidated & Centralized
          – Uniform Standards & Reqs
          – Cost Savings: Support, etc.
          – Improved User Experience
        – Cons:
          – Large Effort
          – Inflexible Requirements
          – Vendor Reliance
          – Single Point of Failure
          – Coding & Rework
      Source: TechTarget

  13. • SSO Requirements = Ugly:
        – Users:
          – Internal / External
          – Internal: Function, Role
          – External: Customers / Partners
          – On-site / Remote = Jurisdiction
        – Applications:
          – Thin / Thick
          – Internal / External
          – API / ERP / Office Automation / Cloud / Mobile / OLTP
          – Old / New
          – Prod / QA / UAT

  14. • SSO Requirements = Ugly:
        – Synchronization:
          – Password
          – User IDs
          – Roles
          – Profile
          – Security Questions

  15. (image slide)

  16. • Where Do We Go From Here:
        – Drive for Cost Savings
        – Common Standards = Options
        – Apps -> Web APIs
          • Legacy Apps Will Still Be Around
        – Cloud & Mobile -> SSO Requirements
          • Blurring Work / Personal Differential
        – Users Want Options
          • Customers & Suppliers
          • Self-service

  17. • Examples:
        – Financial Services
          • ICE / NYSE: Multiple M&As, Large Portfolio of Apps
        – Higher Education
          • Traditional / Online: Vendor Reliance
        – Healthcare
          • HITECH / PPACA "Obamacare": Digitizing Medical Records

  18. • Questions?
      • Contact
        – Email: smarkey@ncontrolsec.com
        – Twitter: @markes1
        – LI: http://www.linkedin.com/in/smarkey
