Difference between revisions of "Authentication Protocols"

From MgmtWiki
Jump to: navigation, search
(Captive users and services)
(Federated or Open systems of users and services)
Line 11: Line 11:
  
 
===Federated or Open systems of users and services===
 
===Federated or Open systems of users and services===
 +
 +
In such an open system it is not often helpful for a user to be signed out of all web sites when they chose to sign out of (say) the purchase of concert tickets.
  
 
==Problems==
 
==Problems==

Revision as of 20:25, 11 July 2018

Full Title or Meme

A collection of Authentication protocols are compared and contrasted.

Context

Since Kerberos was released at MIT in 1999 as a means to allow Single Sign On by students and staff to the variety of systems available at the university, the combination of one user sign on to a variety of different services has been promoted as necessary in the variety of network services now available to users. There are two distinct cases and a wide range of intermediate cases that are addressed by authentication protocols:

Captive users and services

At MIT and at most corporations there is a pre-existing legal agreement that is signed by all users that applies to all services.

In such a closed system in makes sense to allow Single Log Out so that a user can close their connection and go home for the day.

Federated or Open systems of users and services

In such an open system it is not often helpful for a user to be signed out of all web sites when they chose to sign out of (say) the purchase of concert tickets.

Problems

Solutions

References