Technology

Choosing from Various Single Sign-on Types

Internet and business costs can skyrocket when you are focused on clients and employees. Often a business sets out to create the very best environment and offer every new feature for the employees. This can, however, lead to excessive costs and software purchases. Complex systems can also be time consuming to use. Employees often use many different systems throughout the day, resulting in various log-in screens throughout the day. When choosing single sign-on options, consider these to enhance office computer use.

Portal Based  

When you want to take a step up from traditional sign-on, portal based SSO can help to initiate more efficient process with the choice of also bypassing the portal and using direct access when desired. It is important that proper credentials are retained when this is necessary. Otherwise access to target systems is determined by an array of elements. You can choose from something as simple as the time of day, or the user’s position in the group. Another popular option sis the original IP address. This particular option is most often used by companies that offer could-based web single sign-on options.

Traditional Web

There is no desktop software involved in this format. When it is necessary to work with thin or fat clients, this is not the option to choose. The software in question is placed in the web container of the guarded application. The software aims to manage the authentication of those attempting access. There is a strict process that follows when this format is used. The user tries to gain access to a certain web location and is first denied. They are sent to a sever that asks for their credentials. When these are approved, a cookie is given.

This cookie acts as a ticket to the initial website that access was requested to. The website then communicated with the authentication server to verify the cookie. Once everything is validated, access is granted. Other web locations in the same domain are then able to be visited with the same cookie. The new resource would then verify the cookie again with the authentication server. This process is the basic model for the majority of single sign-on options.

Federation

This option is a bit more personalized, as it is initiated by a group that consider themselves partners. It uses both a single sign-on and single logout process. This usually involves companies that want to allow their clients and employees to have access to the single sign-on services. You may want to think of this method as group of friends that have agreed on a passcode. The services are provided to the target audience by the companies themselves. Open protocols are often used that include Liberty ID-FF, WS-Federation, and SAML. This method requires efficient coordination, as each company plays an integral part in its implementation.

Businesses can use these, and other, forms of single sign-on applications to bring a more efficient sign-on process to their daily activities. When multiple employees and clients are involved, efficiency is key. When choosing your single sign-on format, consider the specific needs of your business.

Shares: