I was just reading something that someone forwarded me from Tech Republic I think (doesn't really matter as the author's e-mail address is included, so you can write there directly). This might interest you as you are looking into this technology right now.

>> WHY SINGLE SIGN-ON IS STILL A BAD IDEA
>>
>> Why are so many companies interested
>> in single sign-on services and centralizing
>> customer information when it's fairly
>> obvious that (given a choice) consumers
>> wouldn't choose to store this personal
>> information online?
>>
>> Obviously, this is a rhetorical question. I
>> understand that it's all about marketing.
>> With detailed customer information
>> available real-time in a large, distributed
>> database, targeting marketing based on
>> that information is bound to occur. And
>> since such a data store is intended to be
>> accessible across the Internet, abuse of
>> this data, either intentional or by accident,
>> is also likely.
>>
>> To me, the entire issue of single sign-on
>> introduces the type of monitoring and
>> access control issues that border on
>> invasion of privacy. Not to mention that
>> wily hackers, eager for the crown of
>> "Ultimate Hack," will do whatever they can
>> to find vulnerabilities and exploits on any
>> large-scale database, like the one Passport
>> provides and the one that Liberty Alliance
>> Project proposes.
>>
>> Single sign-on services are a horrible
>> simplification of authentication that is
>> needed. I want to be authenticated when I
>> try to view my bank account! I want to type
>> in a different username and password when
>> I need to! If one of my usernames and
>> passwords gets compromised, at least it only
>> gets compromised in one place. Most people I
>> asked agreed that single sign-on is a bad
>> idea, based on the explanation I just gave.
>>
>> So for now, count me out of being a
>> participant in the Liberty Alliance Project. For
>> that matter, I'm perfectly content keeping my
>> multiple usernames and passwords for access
>> to myself--which is where that information
>> belongs in the first place.
>>
>> To comment on this TechMail, write to Jonathan Yarden.
>> mailto:[EMAIL PROTECTED]?subject=Internet%20Security
>>
>> Jonathan Yarden is the senior UNIX system
>> administrator, network security manager, and
>> senior software architect for a regional ISP. Jon
>> is also a member of the FBI InfraGard program,
>> a partnership between the FBI and the private
>> sector.

JayW

>>> "Vicki Vinson" <[EMAIL PROTECTED]> 11/11/01 08:40AM >>>
Computer Associates has a Single Sign On app

>>> "eko yulianto" <[EMAIL PROTECTED]> 11/08/01 10:29PM >>>
Hello,

I am looking for software for a Single Sign On and One Time Password solution for my company. Does anyone know which software I need to use, or which is the best one? I will implement that requirement on many platforms ( Win9x, W2K, AS/400, OS/390, ) and each platform has limited features for the authentication process.

Thanks for any help and comments.

Eko Yulianto
IT Security
Menara Asia 3rd Floor
Diponegoro 101, Lippo Karawaci
Tangerang, Indonesia
Phone: +62.21.5460666 ext.5335
Fax: +62.21.5460660
Post Office: 15810
E-mail: [EMAIL PROTECTED]
