Thursday, August 4, 2011

Single Sign-On (SSO) Technologies

If a user has to enter a different user ID and password every time he accesses a service such as a printer or a file server, remembering all the usernames and passwords becomes a burden. Users tend to write them down, and then security is compromised. Managing user passwords and renewing them is an overhead for administrators too. If the user has to remember only one password, that password can be made stronger by requiring it to be longer and to have higher entropy. SSO offers one-time user authentication (user ID and password), after which the user can access all the services. One bottleneck in achieving SSO is the inadequate interoperability between the services' systems.

Examples of Single Sign-On Technologies
  • Kerberos: Authentication protocol that uses a KDC (Key Distribution Center) and tickets, and is based on symmetric key cryptography
  • SESAME (Secure European System for Applications in a Multi-vendor Environment): Authentication protocol that uses a PAS (Privileged Attribute Server, like a KDC) and PACs (Privileged Attribute Certificates), and is based on symmetric and asymmetric cryptography
  • Security domains: Resources working under the same security policy and managed by the same group
  • Thin clients: Terminals that rely upon a central server for access control, processing, and storage
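The ticket idea behind the Kerberos entry can be seen in a small model, added here as an illustration and not part of the original post: the user proves the password once to a KDC, and each service then accepts a ticket it can verify with the symmetric key it shares with the KDC. This is a simplification that seals tickets with an HMAC, whereas real Kerberos encrypts tickets and carries session keys; all keys, names, lifetimes and the account are constructed.

```python
import hashlib, hmac, json

# Constructed demo keys: one for the KDC, one shared with each service.
KDC_KEY = b"kdc-demo-key"
SERVICE_KEYS = {"printer": b"printer-demo-key", "fileserver": b"fileserver-demo-key"}

def _pw_hash(user, password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 100_000)

USERS = {"alice": _pw_hash("alice", "correct horse battery staple")}  # constructed account

def _seal(key, claims):
    """Serialize claims and append an HMAC tag under the symmetric key."""
    body = json.dumps(claims, sort_keys=True).encode()
    return body.hex() + "." + hmac.new(key, body, hashlib.sha256).hexdigest()

def _open(key, token, now):
    """Return the claims if the tag verifies and the ticket is unexpired."""
    try:
        body_hex, tag = token.split(".")
        body = bytes.fromhex(body_hex)
    except ValueError:
        return None
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    claims = json.loads(body)
    return claims if claims["exp"] > now else None

def login(user, password, now):
    """The single password prompt: returns a ticket-granting ticket or None."""
    candidate = _pw_hash(user, password)
    if not hmac.compare_digest(USERS.get(user, b""), candidate):
        return None
    return _seal(KDC_KEY, {"sub": user, "exp": now + 8 * 3600})

def request_ticket(tgt, service, now):
    """KDC side: exchange a valid TGT for a short-lived service ticket."""
    claims = _open(KDC_KEY, tgt, now)
    if claims is None or service not in SERVICE_KEYS:
        return None
    ticket = {"sub": claims["sub"], "svc": service, "exp": now + 300}
    return _seal(SERVICE_KEYS[service], ticket)

def service_accepts(service, ticket, now):
    """Service side: verify with its own key; no password is involved."""
    claims = _open(SERVICE_KEYS[service], ticket, now)
    return claims["sub"] if claims and claims["svc"] == service else None
```

A ticket issued for the printer fails verification at the file server because each service holds a different key, and every ticket stops working once its lifetime passes.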
