Abstract
Single Sign-On (SSO) projects are a special case of Identity and Access Management (IAM) projects. They are usually undertaken with the aim of increasing the user friendliness of Corporate IT systems’ user log-on processes. This should result in abolishing the use of multiple username and password combinations the user has to remember and change at different intervals. The SSO aim should be achieved without jeopardizing information security in any way. Increasing user convenience in such a manner will increase user satisfaction with the IT department along with general productivity levels.
Cost control related to IT help desks resetting forgotten passwords should follow.
SSO can also help organizations address information security compliance requirements, through the central logging (and audit facilities) of all access attempts and authorization decisions granted in relation to the organization’s restricted information resources. Sometimes compliance objectives are in fact the major business driver for SSO.
In the consumer space customer loyalty and retention rates are often cited as an important commercial driver for SSO projects.
With the advent of the de-perimeterized organization and increased scepticism around ‘Cloud Security’ is SSO still a viable worthwhile goal for organisations?
This paper takes a closer look at special security issues arising when an organization attempts to create an Enterprise Single Sign-On (ESSO) solution that includes both legacy applications hosted within traditional organizational firewalls and a new breed of ‘Cloud Based’ solutions that are following the Software as Service (SaaS) model and therefore can be hosted with any number of Service Providers (SP) ‘in the cloud’.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Lasance, M. (2011). Single Sign-on(SSO) to Cloud based Services and Legacy Applications “Hitting the IAM wall”. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_5
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9788-6_5
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-1438-8
Online ISBN: 978-3-8348-9788-6
eBook Packages: EngineeringEngineering (R0)