File:OWASPSanAntonio 2006 08 SingleSignOn.ppt

Presentation given to OWASP San Antonio on August 23, 2006 by Vijay Kumar.

Abstract: Scattered software applications with differing security policies are a bane of today’s IT departments, consuming a large chunk of support and maintenance budget. Single Sign-On is one of the technical controls available to CIOs and CSOs for providing security in depth to a corporation while reducing maintenance costs. In this talk I will walk-through a typical SSO implementation from making a case for SSO to deploying and maintaining the SSO process. Multiple SSO architectures will be presented and merits and demerits of each of the architectures will be discussed. Commercial offerings and open source SSO tools in this space are also presented.

Presenter Bio: Vijay Kumar is a software architect with 15+ years of design and development experience in the retail, banking, insurance, and software tools domain. He is currently working as a technical lead with MSD Inc in Austin, TX. Prior to the current assignment, Vijay worked as an Enterprise architect with Lockheed Martin IT and an Applications Architect with Partnerware Inc.