What is Single Sign-On

March 2, 2010

With Single Sign-On, a user needs only one user ID and password. This eliminates the security headaches and vulnerabilities associated with multiple IDs and passwords. The solution also frees security administrators from the mundane task of assigning passwords, enabling them to perform much more important tasks that directly impact the success of your.

Single Sign-On considerations:

 Ease and simplicity of deployment and maintenance

 Deliver maximum flexibility by working across all platforms, databases, and applications

 Out-of-the-box support for all relevant third-party technologies (such as authentication, PKI, and smart cards), as well as open APIs for complete extensibility.

 Scalability from small focused user departments to large-scale global eBusiness enterprises.

 Easy to deploy and maintain; can be implemented incrementally, delivering a quick return on investment.

What problem does it solve (technically)?

 Multiple login/user ID and password confusion

 Insecurity from having too many user IDs and passwords

 Administrative burden of password resets

 Unproductive user access

 Unrestricted network access

Business reasons for the technology

 Increase user productivity by providing manageable access to applications

 Increases security as users do not write passwords down

 Reduce Help Desk administration overload

 Provides only those applications/resources that the user/customer is authorized to access

 Can integrate with user administration product

 Works across all platforms including client/server and Web-based

 Open API authentication toolkit protects long-term investment

 Scalable to accommodate small user groups to large-scale global enterprises

 Easy to deploy and maintain

Single Sign-on Solution Design Considerations

The purpose of this section is to design and plan the Single Sign-On (SSO) implementation within the Client enterprise. During this Phase, the following goals will be accomplished:

Identify key solution and staffing components:

a. Resources

 Key roles:

o SSO Administrators

o SSO script writer(s)

o SSO Password Manager

o SSO Auditor(s)

o DB Manager (backup and maintenance)

 Define number of people to be trained

 Define person in charge for all technical issues that may occur during the implementation

b. Identify Hardware/software used in the organization

c. Define Applications for which SSO will automate the login process throughout the implementation phases

 Review how users currently launch these applications

 Document versions and platforms for these applications

d. Identify SSO Users:

 Groups where SSO can be piloted

e. Identify Server and Workstation availability:

 

Design Single Sign-On Architecture:

a. Review the client infrastructure from the SSO perspective

b. Document the system configuration/environment/OS, especially of the workstations:

 Network configuration and design, Windows NT trust domains and other entitlements

c. Plan the number, type, and location of the different SSO components, based on the following criteria:

o Customer needs

o Network issues

o Geographic locations

o Hardware and software availability

o Crucial and central points

Design login / fail-over approach

a. Define the hot backup, load balancing, and replication relationships that will be implemented

b. Develop an overall installation (rollout) plan, with schedules, resources required, etc.

c. Develop detailed, step-by-step procedures for installing the hardware and software, particularly on the client, paying particular attention to configuration issues.

d. Determine script/application approach and scope

e. Determine password change methods

f. Determine security policies

g. Develop a test plan