Security Basics mailing list archives

RE: Universal Sign On? USO for everything?

From: Rodrigo Ramos <rodrigo.ramos () triforsec com br>
Date: Tue, 12 Jul 2005 14:00:28 -0300

Hi,

We are making some tests using 802.1x for authentication before network
access and using LDAP to store some accounts with it's "profile". Our
goal is to have a single sign-on.


Regards,
Rodrigo Ramos
http://www.triforsec.com.br
http://www.defenselayer.com






On Mon, 2005-07-11 at 19:10, David Gillett wrote:

  There are really two components to this, and neither is trivial.

  The first is applying authentication before network access, and 
is largely (...) addressed by 802.1X.  Remaining work revolves 
around legacy devices, userless devices (e.g. print and storage
servers), and agents for antivirus, etc.

  The second is applying the credentials from that initial login to
a variety of further systems, and again there are two critical pieces:

1.  Unified/synchronized account/password database.  Keyword is
"identity management".

2.  Transparent propagation of credentials.  Keyword is "single
sign-on".


Summary:  An awful lot of time and effort is already being expended
in this effort.  It is probably a much bigger problem than you realize,
although you have at least recognized some of the payoff that solving
it promises.

David Gillett

-----Original Message-----
From: Gautam R. Singh [mailto:gautam.singh () gmail com]
Sent: Thursday, July 07, 2005 3:03 AM
To: security-basics () securityfocus com
Subject: Fwd: Universal Sign On? USO for everything?

Hola List!

 Was wondering if there any program/software/project (present or
underdevelopment) which will integrated everything from say logging in
to ur local system, win2kdomain, samba shares, nis, exchange mail,
Instant messaging clients, VPN, applications, websites etc I know this
sounds far fetched? Is it possible as of now to do so though? Or may
be somthing like we may be using our id/pass (SSO) to even access
internet or renew my ip lease @ dhcp, like if my pass is valid dhcp
renews my ip lease else my ip dies and  I am unable to access anything
on the network.

Rgds 
Gautam

Current thread:

Fwd: Universal Sign On? USO for everything? Gautam R. Singh (Jul 11)
- RE: Universal Sign On? USO for everything? David Gillett (Jul 12)
  - RE: Universal Sign On? USO for everything? Rodrigo Ramos (Jul 13)
    - RE: SSL VPN Edmond Chow (Jul 18)
    - RE: SSL VPN Greg Owens (Jul 18)
    - Re: SSL VPN Florian Rommel (Jul 20)
    - Re: SSL VPN andrew . bretten (Jul 21)
    - Re: SSL VPN Eduardo Kienetz (Jul 22)
    - Re: SSL VPN Rodrigo Blanco (Jul 21)
    - Re: SSL VPN Eduardo Kienetz (Jul 20)
- Re: Universal Sign On? USO for everything? Alexander Bolante (Jul 12)
- Re: Universal Sign On? USO for everything? Information Services (Jul 12)