Explain Single Sign-On (SSO) and Federated Identity Management (FIDM).

-

 Single Sign-On (SSO)

An authentication procedure in a client/server connection in which the user, or client, enters one name and password and has access to several applications or resources inside a business. When going from one application to another, 'Single Sign On' eliminates the need for the user to enter additional authentications. Companies increasingly utilize Single Sign-On software to overcome the problem of utilizing the separate username and password combinations for multiple servers. This software allows the user to log in only once and control access to other systems. As indicated in the picture below, SSO uses a single authentication server to manage numerous accesses to other services.




The following steps describe how Single Sign-On software works: 

  • The user logs into the authentication server using a username and password.
  • The authentication server returns the user's ticket. The user sends the ticket to the intranet server.
  • The intranet server sends the ticket to the authentication server.
  • The authentication server sends the user's security credentials for that server back to the intranet server.
  • If an employee quits the organization, deactivating the user account at the authentication server prevents the person from accessing any of the firm's systems.

FEDERATED IDENTITY MANAGEMENT (FIDM)

The term FIDM refers to the technologies and protocols that allow a user to package security credentials across security domains. It uses Security Markup Language (SAML) to bundle a user's security credentials, as seen in the figure below:




Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more

Discuss classification or taxonomy of virtualization at different levels.

-
Image
Taxonomy of virtualization Virtualization is mainly used to emulate the execution environment, storage, and networks. The execution environment is classified into two: – Process-level – implemented on top of an existing operating system.  – System-level – implemented directly on hardware and does not or minimum requirement of the existing operating system. OR,  Virtualization covers a wide range of emulation techniques that are applied to different areas of computing. A classification of these techniques helps us better understand their characteristics and use  V irtualization is mainly used to emulate  ● Execution Environments: To provide support for the execution of the programs eg. OS, and Application.  ○ Process Level: Implemented on top of an existing OS that has full control of the hardware  ○ System Level: Implemented directly on Hardware and do not require support from existing OS.  ● Storage: Storage vi...
Read more

Short note on E-Government Architecture

-
Image
1)  Presentation layer The presentation layer identifies and describes the system users, who require access to government information at different capacities, and the channels through which information can be accessed.  During system development, one is required to explicitly identify the government user, the system is intended to serve, and also the means through which this information is to be accessed so that the system can be tailored to meet these requirements. It manages the user’s interface with the system. If a pro- project is to be successful, different stakeholders need to be identified at the beginning, involved in the initial stages and kept involved throughout development and implementation. 2) E-government layer E-government public services utilize very specialized applications that are only available to certain agencies and not all agencies participating in the consortium. The main goal of the e-government layer is to achieve a government that;  does not as...
Read more