Because users are usually accessing multiple systems and networks many times
within a given workday, differentsingle sign-on technologieswere created. This
enables a user to enter his or her credentials only once and remain authorized
throughout the day within the entire network. He can access different resources
within the environment without having to supply another set of credentials. This
makes life easier on users, because they will not need to remember (or write
down) several different passwords; it can make administration easier by controlling and maintaining one system that is responsible for all access requests.
There are four types of single sign-on technologies that are covered in this
section:
•Directory services
•SESAME
•Kerberos
•Thin clients
A security concern relating to single sign-on technologies is that if an attacker figures out a valid credential set, he can now access all resources within
that environment. Once he is in, he is really in.
No comments:
Post a Comment