+ All Categories
Home > Documents > Single Sign On In Action

Single Sign On In Action

Date post: 20-Jan-2016
Category:
Upload: nikki
View: 41 times
Download: 0 times
Share this document with a friend
Description:
Authority of Information Technology Application National Center of Digital Signature Authentication. Single Sign On In Action. Ninh Binh, June 25, 2010. Main Contents. SSO Overview Introduce and demo OpenSSO Introduce and demo OpenID. SSO Overview. - PowerPoint PPT Presentation
Popular Tags:
18
Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010
Transcript
Page 1: Single Sign On In Action

Authority of Information Technology ApplicationNational Center of Digital Signature Authentication

Ninh Binh, June 25, 2010

Page 2: Single Sign On In Action

Main Contents Main Contents

SSO Overview

Introduce and demo OpenSSO

Introduce and demo OpenID

Page 3: Single Sign On In Action

SSO Overview SSO Overview

Single Sign On is a property of access control of multiple, related but independent systems. This property allows an user to login and gain access to all systems without logging in in each of them

A group of those linked systems is called a Federation .

A Federated Identity Management provides a standardized central system to manage users’ identities

Page 4: Single Sign On In Action

Roles in a federationRoles in a federation

End User

Identity Provider: Manage Users’ Identities Issue Identities Manage Users Authenticate Users’ Identities

Service Provider: Manage access to the service Check Users’s Identities from Identity Provider Manage Users’s Profiles

Page 5: Single Sign On In Action

Benefits of SSOBenefits of SSO

Reduce total cost of ownership Provides measurable ROI across the organization Helpdesk cost savings

Improve User Productivity and Convenience Reduce frustration of multiple log-on events Remembering passwords

Increase Security and Compliance Strengthen and centralize user access control Improved reporting and monitoring for regulatory compliance

Allow multi-factor authentication

Page 6: Single Sign On In Action

Some Open SSO Some Open SSO SolutionsSolutions

Page 7: Single Sign On In Action

OpenSSOOpenSSO

OpenSSO is an open source SSO solutions developed by Sun Microsystems Inc (now is subsidiary of Oracle)

OpenSSO provides access management by allowing the implementation of authentication, policy-based authorization, federation, SSO, and web services security from a single, unified framework

OpenSSO usually act as an Identity Provider in a Federation.

Page 8: Single Sign On In Action

What does OpenSSO What does OpenSSO do ?do ?

Page 9: Single Sign On In Action

What does OpenSSO What does OpenSSO provides ?provides ?

Access Control

Federation Management

Web Services Security

Identity Web Services

Page 10: Single Sign On In Action

Demo OpenSSO – Step Demo OpenSSO – Step 11

Demonstrate the use of digital certificates to login to Google Apps via OpenSSO

We used services provided by SSOCircle, base on OpenSSO

User go to Google Apps website

Page 11: Single Sign On In Action

Demo OpenSSO – Step Demo OpenSSO – Step 22

User is redirected to OpenSSO Login screen.

They can login using various of methods

Page 12: Single Sign On In Action

Demo OpenSSO – Step Demo OpenSSO – Step 33

After logging in, I was redirected back to Google Apps

I used a certificate issued by SSOCircle to login

Page 13: Single Sign On In Action

OpenIDOpenID

An open, decentralized protocols that allow end-users login to multiple services with a single identity

Simple and easy to deploy

Base on mature technology like HTTP, SSL/TLS, Diffie-Hellman

Open, patent free

Supported by a lot of major companies like IBM, Microsoft, Google, Yahoo, AOL.

Page 14: Single Sign On In Action

How does OpenID work How does OpenID work ??

Each OpenID is an unique URL http://thangnm.myopenid.com

The service provider discover and establish a secure connection with the identity provider

Redirect user to the Identity Provider to login

Redirect back to service provider website

Service provider check OpenID response and grant user access if authenticated.

Page 15: Single Sign On In Action

The popularity of The popularity of OpenID OpenID

1 billion OpenID accounts as of 12/2009

9 millions websites have integrated OpenID consumer support.

Major OpenID providers Google AOL Orange VeriSign Yahoo Microsoft

Page 16: Single Sign On In Action

Demo OpenID – Step 1Demo OpenID – Step 1

Facebook allows a Facebook account to be linked with an OpenID account.

In Account Settings screen, you can select an OpenID provider to link accounts with.

I selected Google and enter my Facebook password to continue

Page 17: Single Sign On In Action

Demo OpenID – Step 2Demo OpenID – Step 2

Facebook will redirect me to Google to login

I need to confirm once more to links the 2 accounts

From now on, after logging to Google Accounts, I will be logged in to Facebook automatically

Page 18: Single Sign On In Action

Thank you. Thank you.


Recommended