Page 103 - Cyber Defense eMagazine for July 2020
P. 103

Understanding the Types of Single Sign-On

               •  ENTERPRISE  SINGLE  SIGN-ON  is  considered  a  primary  authentication,  intercepting  login
                   requests when needed by secondary applications to complete the user and password fields. This
                   system lets one system interacts with other systems that might disable the login screen.



               •  WEB SINGLE SING ON or WEB SSO works with an application which can be accessed online,
                   and its works to verify a user on multiple applications by eliminating the need of getting identified
                   again.

                    The  proxy  server  then  intercepts  the  access  data  as  well  as  facilitates  the  communication
                   following the transferring the results to the computer that requested it. Unidentified users are sent
                   to an authentication service, returning a successful login.



               •  FEDERATED IDENTITY relies on an identity management solution that utilizes standards to let
                   application to identify clients without having them to go through the authentication process again
                   and again.



               •  OPEN ID is a decentralized SSO procedure that involves the storing of user IDS at a URL that
                   any server can approve.



            What are the Challenges Associated with Single Sign-On

               •  More robust passwords should be created. This is because if an SSO account is hacked, others
                   under the same authentication can easily get exposed to the attack.

               •  A breakdown with SSO at one site can affect all the linked sites. Therefore, it is important to
                   choose the right SSO system. It should be reliable and equipped with the plans to deal with
                   interruptions.

               •  Your SSO is affected by the problem in your identity provider. The provider's weakness in any
                   kind of interruption becomes your problem as well, and it might go beyond your control. Again,
                   you need to work with an efficient vendor.

               •  If a threat actor gets into your identity provider user account, all your linked systems are easily
                   getting vulnerable. This can be termed as a classic single point of failure and should be addressed
                   in the planning process. An efficient SSO provider ensures top-notch security.

               •  It is not easy to set up SSO due to the different environments.

               •  SSO is not recommended for the multi-user computers. After all, it causes sheer inconvenience
                   and security issues if other users use a machine that has logged in accounts of someone.






            Cyber Defense eMagazine –July 2020 Edition                                                                                                                                                                                                                         103
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   98   99   100   101   102   103   104   105   106   107   108