Single Sign On

About This Presentation

Title:

Description:

Number of Views:387

Avg rating:3.0/5.0

Slides: 12

Provided by: andy83

Category:

Tags: com | microsoft | sign | single

Transcript and Presenter's Notes

Title: Single Sign On

1
Single Sign On

2
The Problem

Users have to authenticate to multiple systems
User name and password is the most common
authentication scheme
Users are required to remember multiple user
names and passwords, one per system
Why is this a problem?

3
Solution Single Sign On

Single sign on still employs user name and
password as most common method
However, users only need to remember one user
name and password to access all systems

4
Benefits

One sign on grants access to all resources
Users will be less likely to write down passwords
and hide the paper under a keyboard
Administration of user accounts and access
control is vastly simplified
Improved security through administration ease,
better control of account management

5
Implementations

6
Problems

Subject to standard password attacks
Once a password is compromised or an attacker can
create an account, access to all resources
allowed for that user is obtained
Central point of failure

7
Problems with Passport

8
Passport Attacks

Phishing attacker sets up fake merchant site
and redirects to fake passport.com, user enters
credentials
Man in the middle attacker intercepts
legitimate redirect to passport.com and redirects
to his own fake passport.com
DNS attacks passport relies on redirects to
passport.com for authentication

9
What is Microsoft Doing

10
Conclusion

Difficult to implement with legacy systems that
have proprietary authentication schemes
Will be more practical in the future

11
References

Passport risks http//avirubin.com/passport.html
Opengroup http//www.opengroup.org/security/sso/
Microsoft .NET Passport Review Guide
http//www.microsoft.com/net/services/passport/rev
iew_guide.asp

Write a Comment

User Comments (0)