SSO or Single Sign On is the process of verifying that the user identity is authentic. There are many ways to authenticate a user, from the now obsolete and inexpensive password to a biometric device. Each of them has pros and cons. We mention some of the most common methods for which we can provide consulting and assistance during the implementation.
What you know ...
One of the most popular password-driven authentication methods is Kerberos.
Nowadays it is part of our daily life because it's used in all Microsoft Windows versions.
However, our opinion is that this method is obsolete and it should be phased out
immediately. Because of the hundreds of different password policies which each user is
required to remember when he/she browses on a daily basis, the password is either
written down somewhere or is always the same, thus making this method insecure. In
addition, hackers have tools which "crack" a simple password in a few minutes. The rule
of thumb is that if your password is easy for you, it's also easy for hackers.
We implement Kerberos authentication solutions where Windows and UNIX, or other
Kerberos-compatible packages, need integration, and allow users a Single Sign On
between different applications.
What you have ...
PKI authentication is based on “what you have” — a private key related to
the certificate bound to only one person. PKI authentication is far more
resilient to hacker attacks, and does not require end-users to remember
anything, so it is stronger than a password.
We implement company PKI or provide you with simple certificate
authentication for e-mails, file encryption, and/or HSM (Hardware Security