Single Sign-on in the Cloud
Single sign-on (SSO) allows companies to enforce access control policies across multiple applications in a consistent manner. In this article, Kunal Mittal discusses core concepts of how single sign-on can be extended from your enterprise to the cloud. Multiple mechanisms can be used to achieve SSO between traditional applications running in the data center and the SaaS applications.
The article begins by examinng some of the basic technology components required to support SSO. The article focuses on SSO for web-based applications rather than desktop SSO or enterprise SSO. Two key components are required for SSO: The policy/SSO server and the web application agent. Then the article presents three design approaches to achieving SSO between traditional data center-hosted applications and the SaaS applications:
1. Custom web application
2. SAML based
3. Automated provisioning
The conclusion of the article is that “establishing SSO with SaaS providers is a relatively easy task if well planned out. There are some things to watch out for, and the whole process requires good project management and expectation-setting skills to ensure that your project is successful.”