Spelling suggestions: "subject:"singlesign"" "subject:"single.sideband""
31 |
Řízení identit v bance / Identity management in the bankGustab, Tomáš January 2015 (has links)
The main focus of this thesis is to analyse the identity management of Czech bank. The author deals with the authentication and authorization of bank employees, the lifecycle of identities and also suggests the operational improvement of systems that relate to identity management. The aim is to show the view from every angle on identity management, highlight the problems and propose countermeasures, respectively measures to improve the identity management running.The main methods of research are analysis of documents, unstructured interview with employees and observation of systems operation. The benefit of this work is in providing author's opinion and recommendations, which can lead to an overall better running identity management in the bank.
|
32 |
Přístupová a komunikační bezpečnost v informačních systémech SAP / Access and communication security in SAP information systemsKarkošková, Soňa January 2012 (has links)
This diploma thesis deals with the methods used to ensure access and communication security in large-scale SAP information systems. It deals with the analysis of existing methods, compares them, and identifies how the methods are usable in the operation of large-scale SAP information systems, as well as it identifies methods that fail in this environment. Justification of methods usability is carried out. Attention is focused on the use and implementation of single sign-on safe authentication methods, secure sharing of user identity and secure communication within the framework of a large-scale SAP information system. In this thesis is carried out a design proposal of the architecture in order to ensure access and communication security in SAP information systems using the LDAP service, SNC Kerberos and single sign-on authentication. In the practical example is documented the detailed technical implementation of this architecture. Furthermore, this thesis deals with the specifics which exist especially in large-scale SAP information systems in the area of access and communication security and documents the appropriate ways to address them.
|
33 |
Authentifizierungs- und InformationsdienstWegener, Jens 27 September 2004 (has links)
Es werden Systeme zur Realisierung einer einheitlichen Authentifizierung von Nutzern im Hinblick auf WWW-Anwendungen an der Technischen Universtät Chemnitz und der damit verbundenen Übermittlung von Nutzerdaten untersucht. Shibboleth wird als ein prinzipiell mögliches System zur Lösung dieser Aufgabe in Form eines Tests näher betrachtet.
|
34 |
Användares perspektiv på Single Sign On, biometri och lösenordshanterareLjungberg, Robert, Björnström, Ludvig January 2022 (has links)
Eftersom användningen av lösenord och behovet av skyddade konton alltjämt växer i dagenssamhälle växer också frågan om IT-säkerhet. Webbsidor och appar på mobilen kan krävainloggningar som skyddar den information som ligger där. Det finns många tillvägagångssättvid inloggning, egna lösenord som man memorerar har länge varit ett självklart sätt logga inpå. Detta skapar dock osäkerhet då lösenord ofta upprepas på flera olika webbplatser ellerkonton. Flera lösningar finns idag för detta, Single Sign On (SSO), biometri ochlösenordshanterare. Dessa inloggningsmetoder används alltmer, men av växlandeanledningar. Människor vill att saker ska gå fort och att det sker med högbekvämlighetsfaktor, samtidigt som de vill skydda sin information från attacker eller förlustav denna. Var går egentligen gränsen och hur spelar detta roll i valet avregistrerings/inloggningsmetod? Den låga svarsfrekvensen för denna studie innebär attresultaten i denna undersökning inte anses pålitliga. Detta är en kvantitativ studie somundersöker användares syn på Single Sign On och biometri som ett alternativ tilllösenordshanterare. Detta är en kvantitativ studie som undersöker användares syn på Single Sign On och biometrisom ett alternativ till lösenordshanterare.
|
35 |
Decision Support framework: Reliable Federated Single Sign-onToufanpanah, Monir January 2017 (has links)
Identity management is a critical concept for enterprises, and it has turned to more challenging issue since businesses are significantly moving towards service oriented architecture (SOA) with the aim to provide seamless service delivery to their customers, partners and employees. The organizational domains are expanded to blur the virtual borders, simplify the business collaboration and maximize opportunities in the competitive market place, which explicitly shows the essentiality for federating the identities. Real-world identity comprises of different dimensions such as Law, Business, Policy, Technology and Society, therefore reliable digital identity management and successful federation are required to take these dimensions and complexity into consideration. Considering variety of academic and industrial researches that report on remarkable demands for identity federation adoption by enterprises, this study has approached federated Identity Management from technological point of view. Technologies provide tools and mechanisms to satisfy the business requirements and enable single sign-on capability in reliable federated platform. Different authentication technologies and standards have emerged to enable federated single sign-on (FSSO) implementation as a core service of the FIdM, each with different features and capabilities. This brings more complexity and confusion for experts and decision makers for FIdM adoption and development. To overcome this obstacle and accelerate the data collection and analysis process for decision makers, this research contributes to the filed by providing a conceptual framework to simplify the analysis of underlying technology for decision making process. In this framework 1) a list of state-of-the-art requirements and mechanisms for successful identity federation and reliable SSO is elaborated, 2) Six most prevalent standard authentication technologies along with latest specifications are analysed, explained and assessed against the defined criteria, and 3) several security and privacy consideration are gathered. The usage of framework is monitored and the efficiency of it is evaluated in 2 real business case scenarios by five IT experts and the result is reported.
|
36 |
Mitteilungen des URZ 4/2005Heik, Andreas, Müller, Thomas, Richter, Frank, Riedel, Wolfgang, Schmidt, Ronald, Trapp, Holger 21 November 2005 (has links) (PDF)
Informationen des Universitätsrechenzentrums
|
37 |
Implementace autentizace Cosign v PHP / Cosign Authentication in PHPKovářík, Jiří January 2008 (has links)
Master's thesis deals with issue of cookie-based central authentication services. Present-day methods of single sign-on are described. The specification of single sign-on mechanism Cosign and its authentication filter is closely viewed. Cryptographic algorithms needed by this filter are described, as well as their possible realization in PHP. Next, the implementation of Cosign authentication filter is described. Performance of the filter is tested and its future use is analysed.
|
38 |
A Comparative Analysis of SecurityServices Using Identity and AccessManagement (IAM)Muddychetty, Nithya Sree January 2024 (has links)
Background: Identity and Access Management (IAM) is a critical IT securityframework for managing digital identities and resource access. With roots datingback to ancient civilizations, IAM has evolved from basic authentication to sophisticated methods. Okta, a leading cloud-based IAM platform founded in 2009, excelsin identity management, authentication, and access control. It is recognized for itscommitment to security and adaptability to cybersecurity challenges. As of October2023, Okta maintains its prominent position in the IAM market, acknowledged byGartner’s Magic Quadrant for Access Management, worldwide. Objectives: The objective of this thesis is to conduct a comprehensive comparative analysis of security services, specifically focusing on their integration with IAMsolutions. This investigation seeks to provide an examination of security serviceslike Multi-factor authentication (MFA) and Single Sign On (SSO) and evaluate theireffectiveness in conjunction with IAM. By doing so, we aim to determine which security approach offers the most robust protection in our digitally interconnected world. Methods: The primary goal of this methodology is to create a robust, secure,and user-friendly authentication and access management system using Okta withinan IAM framework. This involves the integration of both MFA and SSO features.To kickstart the process, we establish a controlled environment that mirrors thereal-world scenarios. Okta is chosen as the IAM tool, and its deployment involvesmanaging user identities, controlling access, and handling authentication. Results: The result of the study on the comparative analysis of security servicesusing IAM reveals distinct differences in the effectiveness and features among securityservices. Key findings highlight variations in authentication methods, authorizationmechanisms, and overall security robustness. This comprehensive examination provides valuable insights into the strengths and weaknesses of different IAM-basedsecurity services, offering a foundation for informed decision-making in selecting themost suitable solution for specific organizational needs. Conclusions: This thesis conclusively demonstrates the efficacy of integrating SSOand MFA into IAM. The incorporation of Biometric Authentication and Time basedOne Time-Password (TOTP) in MFA garnered strong user preference. SSO implementation streamlined authentication, reducing steps and enhancing ease of use.The overwhelmingly positive user feedback and robust security measures validateSSO+MFA as a valuable contribution to IAM, ensuring data security and user confidence.
|
39 |
Undersökning av webbsidors säkerhet vid användning avFacebook Login : Vidareutveckling och analys av OAuthGuardHedmark, Alice January 2019 (has links)
Single Sign-On (SSO) är en autentiseringsprocess som tillåter en utvecklare att delegera autentiseringsansvaret till en dedikerad tjänst. OAuth 2.0 är ett auktoriseringsramverk som ofta står som grund för ett autentiseringslager som i sin tur möjliggör SSO. En identitetsleverantör är tjänsten som står för hantering av användaruppgifterna och autentiseringen, två vanliga identitetsleverantörer är Google och Facebook som i sin tur implementerar SSO med hjälp utav autentiseringslagren OpenID Connect respektive Facebooks egna autentiseringslager. Det har visat sig att många klienter som ska utnyttja SSO med OAuth 2.0 implementerar det fel så att säkerhetsbrister uppstår, studier har utförts med förslag till lösningar men många bristande implementationer fortsätter produceras och existera. Att skapa diverse verktyg för att främja säkerhet i dessa sammanhang är en metod där OAuthGuard utvecklats med visionen att även kunna skydda användaren, direkt från en webbläsare. OAuthGuard har även tidigare använts för att analysera säkerheten med Google SSO och visat att 50% av undersökta klienter har brister, men motsvarande studie eller verktyg saknas för Facebook SSO. Denna studie gjorde en motsvarande undersökning för Facebook SSO-klienter med en vidareutvecklad version av OAuthGuard och fann att de lider av brister med liknande trend som tidigare studies resultat mot Google-SSO-klienter, men att färre Facebook- SSO-klienter har brister i jämförelse. Vid vidareutvecklingen av OAuthGuard upptäcktes ett antal svårigheter och framtiden för denna typ av verktyg behöver vidare analyseras. Vidare analys behöver även göras för att bedöma om Facebook-SSO kan vara att föredra över Google-SSO ur säkerhetsperspektiv samt vidare utforskande av nya säkerhetsfrämjande metoder behöver utföras. / Single Sign-On (SSO) is an authentication process that allows a developer to delegate the authentication responsibility to a dedicated service. OAuth 2.0 is an authorization framework that often serves as a base for authentication layers to be built upon that in turn allows for SSO. An identity provider is the service that is responsible for handling user credentials and the authentication, two common identity providers are Google and Facebook that implement SSO with the authentication layers OpenID Connect respectively Facebooks own authentication layer. It has been shown that many clients using OAuth 2.0 as base for SSO make faulty implementations leading to security issues, a number of studies has proposed solutions to these issues but faulty implementations are continually being made. To create various tools to promote security in these contexts is a method where OAuthGuard has been developed with the vision to also directly protect the common website user directly from the browser. OAuthGuard has been used in an earlier study to analyze the security of clients using Google SSO and discovered that 50% of the analyzed clients had flaws, no comparable study has been done for clients using Facebook SSO, which is the second largest third party log in variant. This study made a comparable investigation for Facebook SSO clients with a further developed version of OAuthGuard and found that these clients suffer from flaws with a similar trend as the previous study with Google-SSO clients, although fewer Facebook-SSO clients suffer from these flaws. When further developing OAuthGuard a dumber of difficulties was discovered and the future of these kind of tools needs to be investigated. Further analysis needs to be done to assess if Facebook-SSO should be recommended over Google-SSO from a security perspective and also further exploration of new methods to promote security needs to be done.
|
40 |
Evaluation of Single Sign-On Frameworks, as a Flexible Authorization Solution : OAuth 2.0 Authorization Framework / Esnek Yetkilendirme Çözümü Olarak, Tek Oturum Açma Çerçevelerinin Değerlendirilmesi : OAuth 2.0 Yetkilendirme ÇerçevesiOdyurt, Uraz January 2014 (has links)
This work introduces the available authorization frameworks for the purpose of Single Sign-On functionality within an enterprise, along with the fundamental technicalities. The focus of the work is on SAML 2.0 and OAuth 2.0 frame- works. Following the details related to available protocol flows, supported client profiles and security considerations, the two frameworks are compared in accordance with a set of factors given in a criteria. The report discusses the possibilities provided by a Microsoft Windows based infrastructure, as well as different scenarios and their feasibility in an enterprise environment. The preferred framework, OAuth 2.0, is selected according to the given criteria and the comparative discussions.
|
Page generated in 0.0348 seconds