Identity management
Darko Vranešić, Sun Microsystems, Croatia

Abstract:

The ubiquity of the Internet has made numerous applications available online to the general public, from banking to investment to shopping to paying bills to playing music. You name the task and a Web application is at your service. The single most important security safeguard for those tasks is the authentication of the user's identity. That is, the service provider must ensure that the person who's performing those tasks is the authorized user, not an imposter. That's where user IDs and passwords come into play as credentials to prove identity and as a prerequisite for authorized access to applications.

Within an enterprise, Single Sign-On (SSO) for all its applications in one login pass makes logistical and economic sense. Better yet, you can go a step further: implement federated identity and extend SSO across enterprises, thus reaping even more convenience and time savings for both organizations and users alike.