Sep 7 2018

What is single sign-on (SSO)? Definition from, single signon.#Single #signon


single sign-on (SSO)

Single signon

  • Share this item with your network:

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. On the back end, SSO is helpful for logging user activities as well as monitoring user accounts.

Single signon

Single signon Single signon

Download Now: Mobile Security Vendor Reviews and Ratings

Are your mobile devices secure against today’s threat landscape? Inside this guide discover 7 secret mobile security tips, top drivers for mobile security purchases, survey data on top mobile trends in 2017, peer reviews on mobile security vendors in the market today and more.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

In a basic web SSO service, an agent module on the application server retrieves the specific authentication credentials for an individual user from a dedicated SSO policy server, while authenticating the user against a user repository such as a lightweight directory access protocol (LDAP) directory.

Some SSO services use protocols such as Kerberos and the security assertion markup language (SAML). SAML is an XML standard that facilitates the exchange of user authentication and authorization data across secure domains. SAML-based SSO services involve communications between the user, an identity provider that maintains a user directory, and a service provider. When a user attempts to access an application from the service provider, the service provider will send a request to the identity provider for authentication. The service provider will then verify the authentication and log the user in. The user will not have to log in again for the rest of his session. In a Kerberos-based setup, once the user credentials are provided, a ticket-granting ticket (TGT) is issued. The TGT fetches service tickets for other applications the user wishes to access, without asking the user to re-enter credentials.

Although single sign-on is a convenience to users, it present risks to enterprise security. An attacker who gains control over a user’s SSO credentials will be granted access to every application the user has rights to, increasing the amount of potential damage. In order to avoid malicious access, it’s essential that every aspect of SSO implementation be coupled with identity governance. Organizations can also use two factor authentication (2FA) or multifactor authentication (MFA) with SSO to improve security.

Next Steps

Read about the top multifactor authentication products currently on the market and find reviews of Okta Verify and SecureAuth IdP MFA and SSO products.

Check out this buyer’s guide for healthcare organizations considering an SSO technology purchase and explore the various options available, including federated SSO.

Continue Reading About single sign-on (SSO)

Related Terms

Dig Deeper on Single-sign on (SSO) and federated identity

Users’ SSO information at risk after OneLogin security breach
Insecure OAuth implementations: How are mobile app users at risk?
OAuth vulnerabilities must be fixed in the standard
Users’ SSO information at risk after OneLogin security breach
OAuth vulnerabilities must be fixed in the standard
OpenID Connect: Poised for greatness in enterprise authentication?
Startup Symplified delivers SSO in the cloud
How has enterprise SSO technology evolved?
single-factor authentication (SFA)
logon (or login)
What factors should drive your choice of SSO service?
How has enterprise SSO technology evolved?
Delivering SSO: Postal Service simplifies passwords
SSO benefits: Security booster or improving end user experience?
How to make single sign-on simple and secure
When single sign-on fails, is a second SSO implementation worthwhile?
SaaS access management: Finding the best single sign-on technology
Identity management SSO security: Hardening single sign-on systems
Insecure OAuth implementations: How are mobile app users at risk?
How to mitigate Atlassian Crowd’s SSO vulnerability
Types of SSO: Comparing two vendors’ approaches to single sign-on
NSTIC identity plan: Can identity brokers stop Internet identity theft?


Find more PRO+ content and other member only offers, here.

Written by NEW-YORK

%d bloggers like this: