Article Idea:

DISCUSSION: Single Sign On, and unified authentication systems. (LDAP, AD, etc)

suggested by duran goodyear on 2006/05/12

I’m looking for thoughts, concepts, best practices in Single Sign On systems using LDAP and the like.

There's an internal debate at my place of employment about the security realities behind single sign on with a portal, which by design allows a user to get to all levels of responsibility with one sign on (until a time out period passes, of course).

How do other large organizations handle it, and at what line do you say “no, you have to log in again to get to this part of the system”?

Thank you.

Jonathan Baker-Bates

Posted 2006/05/30 @ 09:17AM

One way of determining this is to perform a security audit and rate each asset in terms of impact of loss or damage (e.g. breaking into a timesheet system vs. changing an employee salary scales spreadsheet, etc.). This is traditionally done for the purposes of disaster planning, but I suppose it could be used in the context you mention. I did one once. Lord, it was boring, and it took about three weeks.