Information Technology Reference
In-Depth Information
systems use for authentication purposes. Conversely, a single sign-off property logs out or
terminates access to multiple linked systems.
For example, cookies can be stored to achieve a simplistic version of single sign-on on
the same domain. The requirement of the single sign-on model is that the system handling
it must internally translate and store credentials for different mechanisms to enable consis-
tency of service to users.
There are three major benefits of using single sign-on:
It reduces password fatigue caused by different username and password combinations
for different systems.
■
It reduces time spent reentering passwords for the same identity.
■
It reduces IT costs due to lower number of IT help desk calls about lost or forgotten
passwords.
■
Federation
Federation
, or
federated identity
, is the means by which a person's electronic identity and
attributes are linked across multiple distinct identity management systems. Single sign-on
(SSO) is an example of federation.
Federated identity management (FIDM)
is used to maintain a common set of policies,
practices, and protocols for managing identity in IT systems and devices across organiza-
tions. There is also a need to manage trust between users and the organization, which can
be achieved by promoting best practices and policies and educating employees about the
advantages and disadvantages of technical interoperability between users and IT systems.
Implementing Guest and Host
Hardening Techniques
Guest and host hardening involve security techniques and algorithms that should be applied
to secure host and server systems. In the following sections, we cover disabling unnecessary
ports and services that could potentially become an opportunity for security attacks. We
explain why secure user credentials are important and how they can be enforced. Antivirus
software and security patching are also important aspects of implementing host hardening
techniques.
Disabling Unneeded Ports and Services
Disabling unnecessary ports and services reduces the risk of malicious attacks. Unix- and
Linux-based systems come with multiple utilities that can be conveniently used to see which
Search WWH ::
Custom Search