
SSO_Good_Bad_Ugly

Date post: 15-Aug-2015
Upload: steve-markey
Single Sign-On (SSO): The Good, The Bad & The Ugly

Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud+

Principal, nControl, LLC
Adjunct Professor

• Presentation Overview
  – SSO
  – Pros & Cons
  – Where Do We Go From Here
  – Examples

SSO: Good, Bad & Ugly

Source: Flickr


• SSO Standards & Categories:
  – Network: LDAP, Kerberos, RADIUS, RDBMS
    – e.g., OpenLDAP, AD, Tivoli Access Manager
  – Federated: SAML, OpenID, OAuth, WS-Federated, XACML
    – e.g., Keycloak, PingFederate, ADFS, RSA Federated


Source: Microsoft


Source: OASIS


• SSO Ownership:
  – Business App Owners
  – Ecosystem: Partners / Vendors / Regulators
  – Centralized CIO / CISO
  – Decentralized CIO / CISO


• SSO Implementation Pros & Cons:
  – Pros:
    – Consolidated & Centralized
    – Uniform Standards & Reqs
    – Cost Savings: Support, etc.
    – Improved User Experience
  – Cons:
    – Large Effort
    – Inflexible Requirements
    – Vendor Reliance
    – Single Point of Failure
    – Coding & Rework


Source: TechTarget

• SSO Requirements = Ugly:
  – Users:
    – Internal / External
    – Internal: Function, Role
    – External: Customers / Partners
    – On-site / Remote = Jurisdiction
  – Applications:
    – Thin / Thick
    – Internal / External
    – API / ERP / Office Automation / Cloud / Mobile / OLTP
    – Old / New
    – Prod / QA / UAT


• SSO Requirements = Ugly:
  – Synchronization:
    – Password
    – User IDs
    – Roles
    – Profile
    – Security Questions


• Where Do We Go From Here:
  – Drive for Cost Savings
  – Common Standards = Options
  – Apps Web APIs
    • Legacy Apps Will Still Be Around
  – Cloud & Mobile SSO Requirements
    • Blurring Work / Personal Differential
  – Users Want Options
    • Customers & Suppliers
    • Self-service


• Examples:
  – Financial Services
    • ICE / NYSE: Multiple M&As, Large Portfolio of Apps
  – Higher Education
    • Traditional / Online: Vendor Reliance
  – Healthcare
    • HITECH / PPACA “Obamacare”: Digitizing Medical Records


• Questions?
• Contact
  – Email: [email protected]
  – Twitter: @markes1
  – LI: http://www.linkedin.com/in/smarkey