Single Sign-On


Single Sign-On (SSO) implies that once the Entity has been Identified, no further Authentications are required.

Typically, this is done through some form of Identity Broker application.

Many people confuse Consistent Sign-On (CSO) with Single Sign-On, and often what Organizations end up with is Reduced Sign-On (RSO).

There are several specific implementations of Single Sign-On:

Often, Single Sign-On applications will implement a form of Identity Brokering to allow Cross-domain authentication and/or Cross-platform Authentication.

Single Sign-On Scenarios

Some of the more common Single Sign-On Scenarios.

Single Sign-On Security Considerations

As Single Sign-On has grown to often include all of an Organizational Entity's Applications, and perhaps even Federated Applications, we now have all our eggs in one basket. Compromise of one entity's Password might allow access to HR Applications or to Financial Applications where the entity could have Administration permissions.

Perhaps we need a Graded Authentication.
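One way an Identity Broker could grade authentication per application, as an added example that is not part of the original page. It assumes Graded Authentication means that more sensitive applications demand a stronger and more recent authentication; the grade names, application names, policy values and the `decide` function are all hypothetical.

```python
from dataclasses import dataclass

# Assumed assurance grades for this sketch: higher means stronger proof of identity.
GRADE = {"password": 1, "password+otp": 2, "hardware-key": 3}

# Constructed policy: the minimum grade and the maximum age (in seconds) of the
# authentication event that each application accepts from the SSO broker.
POLICY = {
    "wiki":          {"min_grade": 1, "max_age": 8 * 3600},
    "hr":            {"min_grade": 2, "max_age": 3600},
    "finance-admin": {"min_grade": 3, "max_age": 900},
}


@dataclass
class SsoSession:
    subject: str
    method: str      # how the entity last authenticated
    auth_time: int   # epoch seconds of that authentication


def decide(session: SsoSession, app: str, now: int) -> str:
    """Return 'allow', 'step-up' or 'deny' for an SSO session reaching app."""
    rule = POLICY.get(app)
    if rule is None:
        return "deny"                     # unknown application: fail closed
    grade = GRADE.get(session.method, 0)  # unknown method carries no grade
    age = now - session.auth_time
    if age < 0:
        return "deny"                     # authentication time in the future
    if grade >= rule["min_grade"] and age <= rule["max_age"]:
        return "allow"
    return "step-up"                      # re-authenticate at the required grade


if __name__ == "__main__":
    # Constructed session: signed on with a password ten minutes ago.
    s = SsoSession("alice", "password", auth_time=1000)
    for app in POLICY:
        print(app, decide(s, app, now=1600))
```

With this policy, a session established with only a password reaches the wiki but is sent back for stronger authentication before HR or Financial administration.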
