© SANS Institute 2003, Author retains full rights
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
© SANS Institute 2003, As part of the Information Security Reading Room. Author retains full rights.
Russell Hobbs Page 1 10/6/2003
Considerations For Implementing Single Sign-On Within The Enterprise
Russell Hobbs
SANS GSEC Practical Assignment v.1.4b, Option 1
September 1, 2003
1 Abstract
The goal of this paper is to provide insight into many important areas that should be
considered before implementing an enterprise SSO system. It begins with a general
overview of an SSO system. Business management considerations are then discussed.
Technical and customer service considerations follow. Vendors and their solutions are
briefly covered. Some closing comments complete the paper.
2 Terms
API Application Programmer Interface.
Application A network based application accessed by a user.
Attribute A database field.
ESSO Enterprise implementation of Single Sign-On.
GUID Global Unique IDentifier.
Host A network attached server that hosts one or more applications.
JAAS Java Authentication and Authorization Service.
J2EE Java 2 platform, Enterprise Edition.
RDBMS Relational DataBase Management System.
SAML Security Assertion Markup Language
SLA Service Level Agreement
SSL Secure Socket Layer protocol [SSL]
SSO A “user authentication process that permits a user to enter one
name and password in order to access multiple applications.”
[TECHTARGET]
Target A network based application accessed by a user
TLS Transport Layer Security [RFC2246]
User An end user of an application. This may be a human or another
application.
剩余15页未读,继续阅读
资源评论
