Abstract

This chapter focuses on the architectural approaches that can be taken when designing a Single Sign-On (SSO) solution for a large IT infrastructure and on the security technology building blocks that can be used to construct such an SSO infrastructure. The chapter illustrates the complexity behind setting up an SSO infrastructure and mainly focuses on the SSO solutions that Microsoft makes available to its customers. The chapter begins by listing the pros and cons of SSO. SSO is advantageous for both users and administrators because they have to deal with only a single set of credentials, that is, one for every user. A good SSO solution is platform- and/or application-neutral: it hides the authentication implementation details on different operating system platforms from the SSO user and provides support for outsourcing the application-level authentication logic to a centralized SSO authentication authority. A comparison between web and enterprise SSO is presented, with a detailed description of SSO architectures (both simple and complex). The chapter also discusses the concept of extended SSO and the possible approaches to overcoming the challenges associated with it. Microsoft currently provides certain specific SSO technologies: the Credential Manager, BizTalk Server and Host Integration Server Enterprise SSO, SharePoint Portal Server SSO, and Active Directory Federation Services. The chapter concludes with the Internet Authentication Service, which is Microsoft's implementation of a Remote Authentication Dial-In User Service (RADIUS) server and proxy, and recommends keeping an SSO solution simple and building it on open standards.
