WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)
      9  5.5  Privilege Management

Previous Topic/Section
5.5.2  Single Sign-on
Previous Page
Pages in Current Topic/Section
1
Next Page
 5.5.4  Auditing
Next Topic/Section

5.5.3  Centralized vs. Decentralized

In a centralized single sign-on, data is held at a certain location where authorization takes place. Today, Microsoft Passport is the most talked about centralized single sign-on service. The Liberty Alliance approach is that a company implements its own account service, conforming to the Liberty Alliance specifications for interoperability with other companies444. Note: VeriSign supports both Passport and Liberty.

In addition to Single sign-on being centralized or decentralized, privilege management can be centralized or decentralized. For example, all privilege management can be controlled by a central group of administrators. Alternately, privilege assignment can be delegated to the group specifically responsible for each server. For example, the Accounting Applications team might manage user privileges on the servers used for accounting functions. The SQL Server team might manage user privileges on the servers used to run the SQL Server database. Etc. Phase 2 adds ID specifications to web services. ID-SIS (IDentity Service Interface Specifications) are part of phase 3. The truce between Sun and Microsoft for 10 years (2004-2014445) should make it easier to have Passport and Liberty authentication interoperate.


 __________________

444. http://projectliberty.org/specs/index.html

445. http://news.com.com/2100-1014_3-5183848.html?part=rss

Previous Topic/Section
5.5.2  Single Sign-on
Previous Page
Pages in Current Topic/Section
1
Next Page
 5.5.4  Auditing
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.