Single Sign-On

Single sign-on (SSO) is mechanism whereby a single action of user authentication and authorization can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. Single sign-on reduces human error, a major component of systems failure and is therefore highly desirable but difficult to implement.

The Open Group does not prematurely or inappropriately attempt to standardize high-level product functionality, but instead endorses consolidated user administration systems which achieve "openness" by adhering to a LDAP-based meta-directory model, and which support a defined set of schemas registered by TOG, with associated test suites. (LDAP : Lightweight Directory Access Protocol)

To this end, an LDAP Profile Specification Working Group has been created and is tracking and contributing to the Internet Engineering Task Force (IETF) LDAP work.

If you are a member of The Open Group, you can follow Single sign-on issues either in the Security Group Minutes or the Management Group Minutes of the quarterly Members' Meetings.

Download the complete specification!
In PDF [free for Members; for purchase by non-Members] or HTML
(You can obtain a free Acrobat PDF reader for various computing environments.)

Introduction to Single Sign-On

Scope of the Single Sign-On Standard

    
© 1995-2010
     Sales Enquiries      Site Index