SSO vs Federated Identity? Intro identity providers | Difference between SSO and federated identity?
1.1 هزار بار بازدید -
4 سال پیش
-
SSO vs Federated Identity |
SSO vs Federated Identity | identity providers | Difference between sso and federated identity
There are many SSO solutions in the market. Active Directory (AD) is an example of a SSO because all domain resources joined to AD can be accessed without the need for additional authentication. SAP, Oracle, IBM and others offer SSO solutions for enterprise use. Okta, OneLogin and others specialize in single sign on for web applications.
What are the Advantages of Single Sign On (SSO) ?
To name a few of the many advantages provides an organization
Access logs – an SSO portal provides detail reporting on who accessed what
Session time – by eliminating credential reauthentication users spend less time on the authentication process leading to improved productivity.
Centralized database – one database that includes logs for authentication and authorization to support compliance and administration.
Fewer credentials means a lower chance of phishing – phishing emails and social engineering are nearly impossible
Reduce help desk costs – reducing the amount of credentials (passwords) translates to fewer help desk calls which are estimated at 20 – 50% of all help desk calls.
What are the Disadvantages of Single Sign On (SSO) ?
The main disadvantage of SSO is in its use of one set of credentials, if those credentials are not protected correctly and are stolen the thief has access to your entire kingdom.
Companies should always use a 2nd factor to login to SSO (at the very less), companies who take security seriously will use multi factor authentication (MFA).
The second less talked about disadvantage to SSO is the fact that while it provides single sign on it does not provide single sign off, the logoff process varies from application to application and depends on the settings of the application, user sessions usually stay active long after the user has completed his/hers use which can easily lead to session hijacking.
Federated Identity Vs. SSO
While the advent of SSO brought great convenience to users it left some holes unfilled.
For one, users have to rely on any given application to support multi-factor authentication (MFA) for additional protection. The user still has to remember all the different passwords for each site they’re using or resort to a password manager. SSO also creates potential security liabilities. For example, any user with login credentials for a specific service will continue to have access until their account is manually deactivated. This inevitably creates the scenario in which employees maintain access to company services long after they leave the company. It also results in the company still paying for licenses that are assigned to former employees. These factors can make SSO both costly and insecure.
Please follow and ask any question to our linkedin profile and twitter or our web site and we will try to help you with answer.
Linkedin
LinkedIn: softwiz-circle-86287b1ba
twitter
Twitter: soft_wiz
website
FB
Facebook: Softwiz-circle-113226280507946
Here Group of People are sharing their Knowledge about Software Development. They are from different Top MNC. We are doing this for community. It will help student and experience IT Pro to prepare and know about Google, Facebook, Amazon, Microsoft, Apple, Netflix etc and how these company works and what their engineer do.
They will share knowledge about Azure, AWS , Cloud, Python, Java,.Net and other important aspect of Software Development.
Contributors are -
1.Jeetendra Mandal
2. Balram Prasad
3. Manish Kumar
4. Reena
There are many SSO solutions in the market. Active Directory (AD) is an example of a SSO because all domain resources joined to AD can be accessed without the need for additional authentication. SAP, Oracle, IBM and others offer SSO solutions for enterprise use. Okta, OneLogin and others specialize in single sign on for web applications.
What are the Advantages of Single Sign On (SSO) ?
To name a few of the many advantages provides an organization
Access logs – an SSO portal provides detail reporting on who accessed what
Session time – by eliminating credential reauthentication users spend less time on the authentication process leading to improved productivity.
Centralized database – one database that includes logs for authentication and authorization to support compliance and administration.
Fewer credentials means a lower chance of phishing – phishing emails and social engineering are nearly impossible
Reduce help desk costs – reducing the amount of credentials (passwords) translates to fewer help desk calls which are estimated at 20 – 50% of all help desk calls.
What are the Disadvantages of Single Sign On (SSO) ?
The main disadvantage of SSO is in its use of one set of credentials, if those credentials are not protected correctly and are stolen the thief has access to your entire kingdom.
Companies should always use a 2nd factor to login to SSO (at the very less), companies who take security seriously will use multi factor authentication (MFA).
The second less talked about disadvantage to SSO is the fact that while it provides single sign on it does not provide single sign off, the logoff process varies from application to application and depends on the settings of the application, user sessions usually stay active long after the user has completed his/hers use which can easily lead to session hijacking.
Federated Identity Vs. SSO
While the advent of SSO brought great convenience to users it left some holes unfilled.
For one, users have to rely on any given application to support multi-factor authentication (MFA) for additional protection. The user still has to remember all the different passwords for each site they’re using or resort to a password manager. SSO also creates potential security liabilities. For example, any user with login credentials for a specific service will continue to have access until their account is manually deactivated. This inevitably creates the scenario in which employees maintain access to company services long after they leave the company. It also results in the company still paying for licenses that are assigned to former employees. These factors can make SSO both costly and insecure.
Please follow and ask any question to our linkedin profile and twitter or our web site and we will try to help you with answer.
LinkedIn: softwiz-circle-86287b1ba
Twitter: soft_wiz
website
FB
Facebook: Softwiz-circle-113226280507946
Here Group of People are sharing their Knowledge about Software Development. They are from different Top MNC. We are doing this for community. It will help student and experience IT Pro to prepare and know about Google, Facebook, Amazon, Microsoft, Apple, Netflix etc and how these company works and what their engineer do.
They will share knowledge about Azure, AWS , Cloud, Python, Java,.Net and other important aspect of Software Development.
Contributors are -
1.Jeetendra Mandal
2. Balram Prasad
3. Manish Kumar
4. Reena
4 سال پیش
در تاریخ 1399/10/07 منتشر شده
است.
1,158
بـار بازدید شده