Single Sign-On
Single sign-on (SSO) is mechanism whereby a single action of user authentication and authorization can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. Single sign-on reduces human error, a major component of systems failure and is therefore highly desirable but difficult to implement.
The Open Group does not prematurely or inappropriately attempt to standardize high-level product functionality, but instead endorses consolidated user administration systems which achieve "openness" by adhering to a LDAP-based meta-directory model, and which support a defined set of schemas registered by TOG, with associated test suites. (LDAP : Lightweight Directory Access Protocol)
To this end, an LDAP Profile Specification Working Group has been created and is tracking and contributing to the Internet Engineering Task Force (IETF) LDAP work.
If you are a member of The Open Group, you can follow Single sign-on issues either in the Security Group Minutes or the Management Group Minutes of the quarterly Members' Meetings.
( OpenGroup: http://www.opengroup.org/security/sso/)
Single sign-on
Single sign-on (SSO) is a property of access control of multiple, related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems.
As different applications and resources support different authentication mechanisms, single sign-on has to internally translate to and store different credentials compared to what is used for initial authentication.
Contents
[hide]- 1 Benefits
- 2 Criticisms
- 3 Common Single Sign-On Configurations
- 4 Shared authentication schemes which are not single sign-on
- 5 See also
- 6 References
- 7 External links
( Wikipedia: http://en.wikipedia.org/wiki/Single_sign-on)
500
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
