AuthenticationWorld.com
The business of authentication
- Authentication Categories
- Password Authentication
- Single Sign On Authentication
- SSO and LDAP
- SSO Strategy and Policies
- SSO Business Case
- SSO Software
- SSO Management
- SSO Federation
- Enterprise Single Sign On
- Access Control Authentication
- Authentication - Enterprise Security
- Authentication Strength
- Authentication Transaction
- Authentication Management
- User Authentication
- Authentication Federation
- Biometric Authentication
- PKI Authentication
- Token Authentication
- Wireless Authentication
- Document Authentication
- Authentication -Outsourcing
Single Sign On Software
There is a wide variety of single sign on software to choose from.
Open Source
In the open source environment, the leading single sign on
software is
CAS
(Central Authentication Service) developed out of Yale university.
However, be warned that this
software lacks the flexibility to deal with a wide variety of
authentication devices, which has been common in commercial software
vendors for the past three to four years. It only accepts id and
password and digital certificates.
Further, this software has no built in user provisioning or federated
authentication. The ability to do this requires interfaces with other
open source software. This is again a divergent point from commercial
identity management software where identity management, provisioning,
single sign on, federation and regulatory audit reporting are now
integrated packages.
Therefore, if you're on a very limited budget, with lots of development
resources available and, the limitations as expressed above are not a
problem, then use CAS.
Hardware/Software Plug and Play SSO
The next step up the ladder are hardware/softare servers which
can be
rapidly deployed "plug and play" to provide single sign on. the best
example of this is Imprivata.
Their devices can work with legacy
systems, be rapidly installed and provide single sign on. Their
product also works with mutliple authentication devices to enable
stronger authentication. Theire product does not however provide
provisioning and federated identiifcation services. As a quick fix to
existing single sign on issues it is very good but limited in providing
an integrated suite required to address the enterprise identity
management problems.
SSO Identity Management Suite Vendors
Then there are the top tier identity management vendors, all of which have single sign on included in their product suite. These include Oracle, Sun, Computer Associates, HP, IBM, Novell, Entrust and RSA amongst others.
The product suites usually incude the ability ot do
delgated identity administration, identity provisioning and
deprovisioning, single sign on, federated identities, regulatory
compliance reporting and various role based access control. Not all
packages are equal. Caveat emptor. Hiring a knowledgable identity
management and single sign on consultant can avoid unnecessary expense,
years of frustration and the creaiton of security holes through poor
deployment of the product.
Finally, there is one company that focusses on federated identities and
authentication, Ping
Identity. Ping focuses on creating an external identity
bridge
between disparate identity management systems. It is an excellent
choice for doing identity federation either internally between
different business units or between your enterprise and others.
SSO Management
Password
Authentication
Single
Sign On Authentication Access
Control Authentication Authentication-Enterprise
Security Authentication
Strength Authentication
Transaction
Authentication
Management User
Authentication Authentication
Federation Biometric
Authentication PKI
Authentication Token
Authentication Wireless
Authentication Document
Authentication
Authentication - Outsourcing
