2-41-48_great - IJCSI International Journal of Computer...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
IJCSI International Journal of Computer Science Issues, Vol. 2, 2009 ISSN (Online): 1694-0784 ISSN (Print): 1694-0814 41 Web Single Sign-On Authentication using SAML Kelly D. LEWIS, James E. LEWIS, Ph.D. Information Security, Brown-Forman Corporation Louisville, KY 40210, USA Engineering Fundamentals, Speed School of Engineering, University of Louisville Louisville, KY 40292, USA Abstract Companies have increasingly turned to application service providers (ASPs) or Software as a Service (SaaS) vendors to offer specialized web-based services that will cut costs and provide specific and focused applications to users. The complexity of designing, installing, configuring, deploying, and supporting the system with internal resources can be eliminated with this type of methodology, providing great benefit to organizations. However, these models can present an authentication problem for corporations with a large number of external service providers. This paper describes the implementation of Security Assertion Markup Language (SAML) and its capabilities to provide secure single sign-on (SSO) solutions for externally hosted applications. Keywords: Security, SAML, Single Sign-On, Web, Authentication 1. Introduction Organizations for the most part have recently started using a central authentication source for internal applications and web-based portals. This single source of authentication, when configured properly, provides strong security in the sense that users no longer keep passwords for different systems on sticky notes on monitors or under their keyboards. In addition, management and auditing of users becomes simplified with this central store. As more web services are being hosted by external service providers, the sticky note problem has reoccurred for these outside applications. Users are now forced to remember passwords for HR benefits, travel agencies, expense processing, etc. - or programmers must develop custom SSO code for each site. Management of users becomes a complex problem for the help desk and custom built code for each external service provider can become difficult to administer and maintain. In addition, there are problems for the external service provider as well. Every user in an organization will need to be set up for the service provider’s application, causing a duplicate set of data. Instead, if the organization can control this user data, it would save the service provider time by not needing to set up and terminate user access on a daily basis. Furthermore, one central source would allow the data to be more accurate and up-to-date. Given this set of problems for organizations and their service providers, it is apparent that a solution is needed that provides a standard for authentication information to be exchanged over the Internet. Security Assertion Markup Language (SAML) provides a secure, XML- based solution for exchanging user security information between an identity provider (our organization) and a service provider (ASPs or SaaSs). The SAML standard
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 05/01/2010 for the course COMPUTING 11888 taught by Professor Bubis during the Spring '10 term at Athens Tech.

Page1 / 8

2-41-48_great - IJCSI International Journal of Computer...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online