Security

How Does Single Sign-On Authenticate Across Different Systems?

Single sign-on (SSO) authentication allows users to access multiple accounts, services, and applications utilizing a single login (such as a username and password). I use SSO quite often in both my professional and business life, as Google’s suite of applications (which I love) allows for simple authentication across different domains. As we all know, remembering passwords for each service we use can be a chore, so SSO makes life much easier.

SSO achieves multiple-system authentication in four main steps. First, a user arrives at a website they wish to use. To grant access, the site sends the user to a central SSO login tool, where the user enters their credentials. Next, the SSO domain checks the entered credentials, either validates or denies the user, and creates a token for that user if they are approved. Finally, the user is sent back to the original website they were trying to access, this time in possession of an embedded token that serves as proof of authentication; with this token, they can access any websites and applications that share the central SSO domain (Swoop, 2019).
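The token hand-off described above, sketched as an added example that is not from the original post or from any SSO product. It assumes an HMAC-signed token, a key shared between the SSO domain and the sites that trust it, a constructed account, and a five-minute expiry; the names `sso_login` and `site_accepts` are hypothetical.

```python
import base64, hashlib, hmac, json, time

# Assumptions (all constructed for this example): a key shared by the SSO
# domain and the sites that trust it, one demo account, a 5-minute token life.
SSO_KEY = b"constructed-demo-key"
SALT = b"constructed-salt"
USERS = {"alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)}
TOKEN_TTL = 300

def _sign(body: bytes) -> bytes:
    return hmac.new(SSO_KEY, body, hashlib.sha256).digest()

def sso_login(user, password, now=None):
    """SSO domain: validate or deny the credentials; create a token if approved."""
    now = time.time() if now is None else now
    supplied = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    if not hmac.compare_digest(USERS.get(user, b""), supplied):
        return None  # denied: no token is created
    claims = json.dumps({"sub": user, "exp": now + TOKEN_TTL}).encode()
    body = base64.urlsafe_b64encode(claims)
    return (body + b"." + base64.urlsafe_b64encode(_sign(body))).decode()

def site_accepts(token, now=None):
    """Any site sharing the SSO domain: return the user name, or None if rejected."""
    now = time.time() if now is None else now
    try:
        body, sig = token.encode().split(b".")
        # Check the signature before trusting anything inside the token.
        good = hmac.compare_digest(base64.urlsafe_b64decode(sig), _sign(body))
        claims = json.loads(base64.urlsafe_b64decode(body)) if good else None
    except (ValueError, AttributeError):
        return None  # malformed token
    if claims is None or claims["exp"] < now:
        return None  # altered, forged, or expired token
    return claims["sub"]

if __name__ == "__main__":
    token = sso_login("alice", "correct horse")
    print("site A sees:", site_accepts(token))
    print("site B sees:", site_accepts(token))
```

Every site accepts the same token because each one verifies the signature and expiry itself, so the user's password is only ever seen by the SSO domain.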

SSO is quite secure when properly implemented, as it eliminates the chance of using multiple weak passwords (and forgetting them) and makes it easier for administrators to manage and audit logins. With SSO, the vast number of usernames and passwords we have to remember (and that are at risk of attack) is significantly reduced, letting us focus on creating (and securing) a single, sophisticated SSO credential.

Trivia

What cipher was discussed at length in Edgar Allan Poe’s short story, The Gold-Bug, how does it work, and what message was it used to encrypt?

In Edgar Allan Poe’s short story, The Gold-Bug, monoalphabetic substitution encryption was used to encrypt a secret message that held information about hidden treasure. By using letter frequency analysis, the cryptogram could be decrypted. Poe, in his story, provided his readers with the decryption technique for the cipher, which merely replaces letters of the alphabet with other letters or symbols. In short, there are 26 letters in the alphabet, and their many combinations make codebreaking difficult; however, it is achievable by reconstructing the cipher. By using the information Poe provided, the message “A good glass in the bishops hostel in the devils seat twenty one degrees and thirteen minutes northeast and by north main branch seventh limb east side shoot from the left eye of the deaths head a beeline from the tree through the shot out fifty one” can be decrypted.

References

Swoop. (2019, May 30). What Is Single-Sign-On Authentication & How Does It Work? Retrieved March 30, 2020, from https://swoopnow.com/sso-authentication//.

Stallings, W. (2017). Network Security Essentials: Applications and Standards (Sixth). Pearson.

Rijmenants, D. (n.d.). The Gold-Bug. Retrieved March 30, 2020, from http://users.telenet.be/d.rijmenants/en/goldbug.htm
