Blog Home > Authentication Methods > Identity Management – How does SSO Work?

Identity Management – How does SSO Work?


identity-management-ssoOne of the most important reasons for instituting a single sign-on solution is Identity Management. Now, last time, I wrote about a fictionalized example of how to answer the question, “how does Single Sign-on work?” It was a lot of fun, but I only touched on the first step inherent in a functional Single Sign-on action: establishing identity. When it comes to identity management, single sign-on is build to take that established identity and leverage it across many accounts, applications or services – whichever the case may be.

Our new citizen in the city of the future has established an identity without any issues, and now we will see how this new life alongside an AI allows for simple identity management in a crowded world of services and goods which all require proof of authentication.

identity managementHow Does Single Sign-on Work?

Part II: Identity Management – a Tale of Two Cities

The dull roar of the gateway machinations gave way to the cacophony of city life: people hustling to and fro on errands of various natures. I quickly glimpsed a businesswoman in a neatly pressed suit rushing through the gate for individual business transport. A man carrying various art supplies sidled past me at a steady pace, humming to himself as he made his way towards the city square.

I was dumbstruck, lost in the beauty and the organization that operated before me. Various terminals and gateways stood apart from the mountainous buildings – each a sentinel for some service or destination. The citizens were never stopped and asked for papers or proof of identification – but each passing individual carried a personal item with the mark of the city embossed clearly upon it.

The token that holds the AI.

My last village felt so distance to me as my gaze touched the ever-flowing progress before me. It seemed that I was one of the few who remained in place – trying to get my grips on my newfound freedom.

In my previous home, waiting and halting progress was a daily expectation. Whereas the City was filled with businesses and services and progress held in its many high towers, my village consisted of substantially smaller buildings, in much lighter numbers. Technology hadn’t reached that far north, and it was not uncommon to be stopped several times between leaving your domain and getting your work done for the day just to verify whom you are.

We took it all in stride, but in comparison to what now lay before me – it was a nightmare.

“Excuse me,” I heard a disembodied voice announce, “but it would seem you still need to register a domain and a list of goods and services with the City Directory. If you would like, I can help show you the way.”

Lost in the magnificence before me, it took me a moment to locate the source of the sound: Baldur. I raised my wrist slowly, gazing at the screen with surprise and earnest – there was a clear path laid out before me, with my destination clearly marked.

“Thank you, Baldur.” I said aloud. “Let’s go!”

We arrived at the City Directory without delay. I was not stopped once on the way, not even when I stopped to purchase supplies that I would need for the return trip – my stay in the City would be a short one, as a permanent move could not be made for another week or two. The Directory was a central hub located just beyond the square in which the artist I had seen earlier had set up shop – it was a huge hexagonal building that blended seamlessly with the air of the city around it.

Baldur directed me through the lobby to a series of terminals – here too were guards who said little. It seems they were a backup for whatever verification the terminals handled in their day to day business. A slight ping announced the connection of Baldur to the nearest terminal, and a projection appeared.

“Please select the services you are most likely to use on a regular basis,” Baldur announced. “I have already registered your temporary domicile, and I have highlighted my recommendations based on your recent behavior.”

I smiled inwardly at that – I did not need to register again, and I even had a destination set up for my day to day base of operations. Baldur had handled everything.

I selected the services I would mostly be using: social networking, communications, file-sharing, and product procurement, and turned to leave the central directory.

A new voice broke the surrounding silence, coming from the terminal.

“Your selections have been saved, should you require additional services, your AI will henceforth be capable of establishing the required access. Enjoy your day!”

Again, I smiled – I couldn’t stop myself – because even if there was something I had forgotten, the proof of my identity and my credentials lay bare across my wrist. Nothing further was needed.

It was a grand day, filled with basic registration and procurement of services – all without the need to stop and prove that I belong. As a newcomer, I have never once felt more at home. I prepared for the return trip to my village, and I wondered at whether or not Baldur would be able to come along. In response to my open query, the AI responded with what almost sounded like humor, “Of course I will come. Whenever you have need of me, I will simply be there for you.”

Leaving the City was as simple as entering. The moment that I approached the gates, the expected machinations began and the gates roared to life. I walked through, nodded to the guard who made the slightest acknowledgement, and I began my final trip to where this all began.

The Importance and Ease of Identity Management

Identity management is a simple process when single sign-on is introduced as a solution. With the appropriate protocols and configurations in place (such as SAML, CAS or Shibboleth), an end-user will only need to login to the central portal to gain seamless access to each and every application that supports single sign-on.

Of course, our citizen of the future was given access to everything with little interruption, and the same is true for appropriate use of identity management. End-users don’t want to sign in to 19 different applications throughout the day – the added stress of forgetting credentials, locking out accounts, and generally being interrupted while trying to finish some necessary work can be a real progress halting sequence of events.

Identity management can help keep your end-users happy, and happy end-users are more productive – that’s what single sign-on is all about: increasing convenience and productivity while maintaining security and usability. The AI that accompanies our citizen is a fictional representation of various protocol tokens that serve as secure aspects of SSO that help verify the user to the service – all without interrupting the flow of things for the user. We might not be there just yet, but we have the ideas already in the works.

In my next article, the final entry in my illustration of the future with Single Sign-on, I’ll talk about achieving access without the need to authenticate again. After all, what good is identity management when you need to keep proving your identity all over again!

Increase Security

Please follow and like us:
Christopher Perry

Author: Christopher Perry

Christopher is a Technical Support Engineer and content generator here at PistolStar, Inc. He has a Master’s Degree in English from SUNY Albany, and enjoys reading and writing about all things: especially poetry, science fiction and fantasy. Christopher’s daily tasks see him using his customer service and IT experience to improve written content for PistolStar, Inc., while working with customers to provide the best experience possible.

Leave a Reply

Required fields are marked *.

Main menu