what is SSO

Question

I understand SSO as the one time login for all the applications connected. I would like to know more about SSO and how exactly it is achieved.

Answer 1

This is Donnie. He's a friend of mine.

The basic mechanism is to trust your friend's friend.

Another metaphor that's used is the sticker they give you when you enter a secured building. In the morning, you show your valid ID (credential) to the security person, and for the rest of the day, the sticker acts as the pass (token). When you come back next day, you have to show your ID again.

Key technology is how you trust your friend or security guy or anyone in hostile network. See how Kerberos or asymmetric encryption work.

Answer 2

Single Sign-on allows the end-user to login to a single portal and access multiple applications seamlessly, reducing multiple login screens and increasing security by having a central entry point.

Addressing end-users' complaints about having to remember multiple passwords is a common objective in many organizations. Having multiple login access points for web applications are not only a pain-point for the end-user, it is also a security risk that can leave your company vulnerable to network attacks. A single sign-on portal solution can eliminate the hassle of multiple password prompts and streamline access for the user. However, many SSO solutions are costly and difficult to implement to effectively handle all user access scenarios. Integration is especially difficult when attempting to allow the single sign-on experience to continue for external users, from customers, to partners, to vendors and even suppliers, who all want seamless access to hosted web applications.

I have recently been researching different SSO solutions- there are so many! I came across this little video and thought it was so clever! http://youtu.be/KTweSfRW18M?list=UUJD2scx1baSeUDSIk7N35Ww