Single Sign-On for Mobile

Single Sign‐On for Mobile
Simplify Secure Mobile App Access to Enterprise Resources

Layer 7’s solution for mobile Single
Sign‐On (SSO) provides mobile
enterprise applications with a secure
method of authenticating and
authorizing users against existing
enterprise identity management
infrastructure. The solution includes
SDKs for most common platforms,
including Android and iOS.

The Challenge: Secure Mobile Access to the Enterprise
Learn More About Layer 7’s Mobile
Identity and authentication assurance needs to be balanced against the
Access Solutions
assets in use. When mobile apps leverage enterprise data and services,
 Phone
the risk of security being compromised is increased. The cost goes
+1‐800‐681‐9377
(toll free within North America)
beyond a tarnished brand name – breaches can put a business at risk.
or +1‐604‐681‐9377
 Email The Solution: Mobile Single Sign‐On
info@layer7.com Layer 7’s solution for mobile SSO simplifies the process through which
 Web   apps require users to sign in to the enterprise. The solution leverages the
www.layer7.com underlying security in a device’s operating system to effectively create a
 Facebook      secure sign‐on container for apps.
www.facebook.com/layer7
 Twitter Layer 7 offers a complete end‐to‐end, standards‐based and proven
@layer7 security solution for mobile SSO. This solution uses OAuth 2.0, OpenID
Connect and JWT standards. Communication is secured through Layer
7’s SecureSpan Mobile Access Gateway.
The Mobile Access Gateway is lightweight, low‐latency mobile
middleware with integrated security and management controls designed
to help enterprises safely and reliably expose internal assets to
developers and remote apps, as mobile APIs.
While the Gateway solves critical mobile‐specific identity, security,
adaptation, optimization and integration challenges, the mobile SSO
solution delivers SSO libraries for device developers. By providing a
simple API consumption layer on the mobile platform, all the complex
OAuth and OpenID Connect protocol handshakes between mobile device
and Gateway are abstracted out. The mobile app obtains an access
token using OAuth. The user context is shared across a group of
applications via OpenID Connect.
The client SDK is available for iOS and Android devices, while support for
other platforms is planned for future releases.

Copyright © 2013 Layer 7 Technologies Inc. All rights reserved.  SecureSpan and the Layer 7 Technologies design mark are
trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.

Features & Benefits

Features

 Flexible architecture with hooks for optional trust bootstrap via crypto material from
Multi‐layered approach   external sources (SIM, OTP, CAC)
to mobile security  Multifactor authentication for high assurance level protection
 Policy configured per app, user or device to tailor use cases

 Continuous device validation through One Time Password (OTP), for device registration
Validation of device
 Re‐registration procedure triggered by admin or usage patterns
and user identity  PKI provisioning

Lost device tracking    Track device activity (failed/successful) authentications
and blockage from    Track device location through GPS data or network services
admin portal  Revoke access to user, device and apps from admin view

 Integrate into Microsoft‐based security through Active Directory, ADFS and Claims
Integration with existing
 Extend CA SiteMinder directory service to mobile clients
backend identity
 Integrate with Oracle Access Management
management systems  Leverage LDAP directory services for client without custom client

Benefits

 Sign in once for all enterprise apps under the same domain
 Simplify PKI‐based certificate delivery and provisioning to mobile devices
 Deploy OTP for a higher assurance level
Mobile app security
 Enable multi‐factor authentication
 Integrate with HW security modules
 Enable context‐based authorizations

 Leverage client libraries to hide the complexity of OAuth and OpenID Connect
Mobile developer
 Provide UI elements for user sign‐in
enablement    Enable cross‐device token sharing with devices in proximity

 Enhanced user experience (UX)
 Minimal password typing
End user enablement
 Consistent UI for all enterprise apps across devices
and best‐in‐class user  Client‐side tooling skinned to service provider brand
experience  Transparent view of authorizations
 Control Center app to assist in SSO and enhanced features like cross‐device token sharing

 Access grant without browser redirection for authentication
 Leverage optimized tokens for mobile consumption
Mobile Access optimization
 Ensure seamless flow of sign‐in session as user switches devices
 Integrate with enterprise identity services

To learn more about Layer 7, call us today at +1‐800‐681‐9377 (toll free within North America) or +1‐604‐681‐9377.
You can also: email us at info@layer7.com; friend us on Facebook at facebook.com/layer7; visit us at layer7.com;
follow us on Twitter (@layer7).

Copyright © 2013 Layer 7 Technologies Inc. All rights reserved.  SecureSpan and the Layer 7 Technologies design mark are
trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.

Single Sign-On for Mobile

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (12)

Similar to Single Sign-On for Mobile

Similar to Single Sign-On for Mobile (20)

More from CA API Management

More from CA API Management (15)

Single Sign-On for Mobile