
SSO With an Example Application

Research Paper

Pages: 24 (8360 words)  |  Style: APA  |  Sources: 20


¶ … SSO is so reliable

Single sign-on (SSO) is a session and client authentication process that lets a client use a single name and password combination to access multiple applications. The process authenticates the client for all the applications they are permitted to use and eliminates further prompts when they switch applications within the session. Most managers and security staff are generally introduced to two kinds of SSO, non-Web-based and Web-based (or legacy) SSO, and to various tasks that could be grouped under single sign-on. In fact there are many kinds of SSO: single sign-on in software and hardware architectures, and customer-requirements-oriented as opposed to server-side arrangements. The five types of single sign-on in common use today are: Web Single Sign-On; Enterprise Single Sign-On; Kerberos (or Ticket/Token Authentication); OpenID; and Federation or Federated Identity. The critical SSO arrangements are: SSO with JAAS; the SSO appliance; and the IBM ThinkPad notebook fingerprint reader. To avoid duplicating operations across security directories for clients, SSO coordinates with the clients and the server, for example LDAP and Microsoft Active Directory. One of the most advanced uses of SSO is probably the IBM ThinkPad R51/R52 notebooks, which incorporate a built-in facility that lets the user access disparate applications such as Windows, other software applications, and Web browsing through a single sign-in. The sign-in process is simple: the user swipes their fingers over a palm-shaped ridge that contains a sensor, which allows entry once it recognizes the pattern. To address the daunting task of accessing software on entirely different platforms and verticals with varying architectures, LDAP is combined with JAAS (Java Authentication and Authorization Service); together they provide a solid security structure.

Introduction

Users often have to juggle password and username combinations when working across disparate platforms and applications, and are prompted for credentials in each instance. Emerging SSO technology has largely eased their workflow. Single sign-on has evolved considerably, and continues to do so, to address the issues faced by workers in the IT field and the applications they use. This work presents some of the SSO techniques in use today. 'Real' SSO is not, by itself, a single entity. It is a general term for all those techniques, devices, or combinations that aim to lessen the burden of multiple log-in instances within a session. It is more of an arrangement that helps end-users and system managers alike access their work seamlessly, with the added benefit of security and consistency for the enterprise, making it easier to carry out tasks without the dangers and risks of hacking, stealth, or impersonation. However, the Web browsing, different platforms, and legacy applications that IT users and managers have to navigate are not an easy ensemble to secure through a single point of entry. Each has its own set of queries, requirements, and security parameters that may vary greatly from the others. In effect, SSO at its minimum can mean a 'lessened' use of the username-password combinations that one has to enter when prompted. However, SSO has an obvious drawback: unauthorized access to a 'real' and 'solitary' SSO username-password combination could be disastrous for the entire organization, and the ramifications could be far-reaching. This inherent security predicament is, however, overshadowed by the advantages SSO offers users, and SSO can be designed so that access by unauthorized individuals is difficult, almost impossible (PistolStar, Inc., 2006).
Each organization needs to examine its requirements and complexities closely and choose the right SSO application from the many available, which differ in how they are designed, deployed, and used.

My rationale for preferring SSO to biometrics

Biological attributes, scanned and precisely deciphered, cannot be impersonated, reproduced, or replaced, as they are unique to each individual. The use of biometrics has long fascinated audiences in movies and works of fiction. Biometrics has also been widely used for some time, through fingerprints, audio signal processing and recognition, and scanning of facial features, especially the eyes, in academic settings and in more practical commercial and organizational applications for security and authentication.

The drawbacks of such use are also obvious: an injury or burn to the thumb or fingertips may be enough to deny a user access to the whole system for the duration of the healing. Stained or soiled fingers are equally likely to be rejected by the scanners during verification. Even as fingerprint techniques find wider acceptance and use, the limitations found in checking and calibrating these devices can become a cause for concern.

Verification through audio sensors that can authenticate a person by their unique voice, tone, and delivery has also long been used in high-security zones for verification and identification. This technique has not done well enough to be applied commercially or in the general public domain. The most apt application is probably gaining access to functions on the phones people carry, as these phones are already suited to transmitting and receiving audio. Modern phones, especially cellular phones, have advanced signal conditioning and 'noise' filtering built in by default, which makes this sensor an attractive option for such devices. They are, however, hampered by accent, tone, and extraneous factors such as pressure and temperature variations, which can prove quite challenging at times. Physiological conditions such as a cold or cough can also cause an individual to be rejected. Another concern with audio sensing is the possible use of recorded sounds by an impostor to gain unauthorized entry into the system. Voice recordings have also been faulted for revealing the user's ethnicity and gender and, quite perceptibly, emotional state and age, which are best kept secret.

Another physiological trait recognized as uniquely identifying a user is the set of facial attributes: the cheekbones, jaw structure, shape of the nose, and the eyes (specifically, the iris). The measurable quantities are the colors, sizes, shapes, and exact distances between the relevant features. Some advanced recognition systems also account for moles and wrinkles, while others form a three-dimensional view of the facial features. Applications of these ideas appear on social media sites like Facebook and in Apple's iPhoto, which are, however, way off the mark. Commercial applications are qualitatively much better than these deployments, yet fail to distinguish individuals as accurately as nature does. Facial recognition systems do not make for good authentication even with the most advanced technologies available today: parameters like light intensity, side-on postures, spectacles, smiles or made-up facial expressions, headgear, and even haircuts or beards make it difficult for the devices to verify and authenticate a user. Similarly, the devices may be unable to account for changes due to physiology, wellness, age, and injury, making them unreliable for verifying authorized users and allowing or denying entry to systems.

In terms of being unique and difficult to impersonate, the iris of the eye compares well with fingerprints. Recognition depends not on the color but on the texture of the client's iris. However, this feature too has its drawbacks: the device has to be held quite close to the face (the eyes), and quite steadily. The lighting needs to be stable, monochromatic, and bright. Ingesting medicines and drugs can dilate or contract the pupils, deforming the pattern relative to the one stored under normal conditions. Irises can be duplicated and faked using contact lenses, just as voices can be impersonated through recordings. These concerns have restricted the use of automation to an aid under human surveillance, not a conclusive verification device on its own (Duncan, 2013).

SSO solutions offer validation against loss of credentials. Experts in the IT security domain, however, advise against using a single entry point to multiple platforms and legacy applications, for obvious reasons: access to that solitary username-password combination could result in misuse of multiple accounts. That concern is, however, not wholly rational, as SSO is not solitary in the strict literal sense. SSO is used in coordination with SAML (Security Assertion Markup Language), which is based on XML, to provide access to the user through their AD (Active Directory) or LDAP (Lightweight Directory Access Protocol) profile. This authentication and verification procedure is thus an added layer of security on top of the existing layers; it also doubles as a procedure for IT security auditing, tracing the paths, features, programs, and directories accessed by the user. Any instance of breach or unauthorized access is thus asserted and can be attended to for further consideration (Lawton, 2015). The use and misuse of credentials is…
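The auditing role described above, as an added example that is not part of the paper: because every application sign-in in a session passes through the SSO service, one log can reconstruct what each session accessed and flag access outside the user's directory profile or reuse of a session from a new address. The event layout, field names, and entitlement table are constructed assumptions standing in for an identity provider's audit log and AD/LDAP group data.

```python
from collections import defaultdict

# Constructed directory profile (stand-in for AD/LDAP data): user -> permitted apps.
ENTITLEMENTS = {
    "alice": {"mail", "wiki", "payroll"},
    "bob": {"mail", "wiki"},
}

# Constructed SSO audit events: (timestamp, session_id, user, source_ip, application).
EVENTS = [
    ("2024-01-15T09:00:01Z", "s-100", "alice", "10.0.0.5", "mail"),
    ("2024-01-15T09:04:12Z", "s-100", "alice", "10.0.0.5", "payroll"),
    ("2024-01-15T09:10:30Z", "s-200", "bob", "10.0.0.9", "mail"),
    ("2024-01-15T09:11:02Z", "s-200", "bob", "10.0.0.9", "payroll"),
    ("2024-01-15T09:15:45Z", "s-100", "alice", "203.0.113.7", "wiki"),
]


def audit_sessions(events, entitlements):
    """Return (trail, findings) built from one SSO service log.

    trail maps session_id -> ordered list of applications accessed.
    findings lists events that need follow-up:
      "not_entitled"  - the app is outside the user's directory profile
      "ip_changed"    - an established session is reused from a new address
      "user_mismatch" - a session id appears under a different user
    """
    trail = defaultdict(list)
    first_seen = {}  # session_id -> (user, source_ip) at session start
    findings = []
    # ISO 8601 UTC timestamps sort chronologically as plain strings.
    for ts, sid, user, ip, app in sorted(events):
        trail[sid].append(app)
        owner, origin = first_seen.setdefault(sid, (user, ip))
        if user != owner:
            findings.append((ts, sid, user, "user_mismatch"))
        elif ip != origin:
            findings.append((ts, sid, user, "ip_changed"))
        if app not in entitlements.get(user, set()):
            findings.append((ts, sid, user, "not_entitled"))
    return dict(trail), findings


if __name__ == "__main__":
    trail, findings = audit_sessions(EVENTS, ENTITLEMENTS)
    for sid, apps in trail.items():
        print(sid, "->", " > ".join(apps))
    for finding in findings:
        print("REVIEW:", *finding)
```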


Cite This Paper:

APA Format

SSO With An Example Application.  (2015, February 27).  Retrieved September 20, 2017, from https://www.essaytown.com/subjects/paper/sso-example-application/4540713
