Single sign-on and the government

5 posts / 0 new
Last post
Johnny Oxygen's picture
Johnny Oxygen
Status: Diamond Member (Offline)
Joined: Sep 9 2009
Posts: 1443
Single sign-on and the government

Single sign-on and the government.

I was watching Squawk on the Street on CNBC this morning (I know...) anyway they had this guy on from a company called Wave Systems. He was talking about their single sign-on technology for computers.

Single sign-on (SSO) is a property of access control of multiple, related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems.

http://en.wikipedia.org/wiki/Single_sign-on

I swear he said that the government was interested in it in some way. I can't find the video anywhere but I was thinking why would the government be pushing this technology? Shouldn't that be coming from the private sector like Apple or Microsoft?

My gut feeling on this is that if the government made the device mandatory the when they came and took your computer (under the Patriot Act) then they would have full access to all your blog enteries, web destinations, etc. I'm sure they can do that anyway but it struck me as eerie. Anyone else know anything about this? Here is all I have:

Single Sign-On For All Internet Users?

The CEO of Wave Systems

[WAVX  4.57    0.16  (+3.63%)   ]

is on Squawk on the Street this morning.  His company enables clients to know who is connecting to their computer systems.

That got us thinking ... should all Internet users be issued some sort of single sign on ID, giving them one sign-on and one password for all of their Internet access?

http://www.cnbc.com/id/41054421

rhare's picture
rhare
Status: Diamond Member (Offline)
Joined: Mar 30 2009
Posts: 1329
Re: Single sign-on and the government

SSO (Single Sign-On) has been the "Holy Grail" in IT for many, many years.  Many of the implementations are based on the Kerberos protocol which has been around for over 20 years. I have worked on Kerberos installations over much of it's existance.  It will generally work well on homogenous highly reliable networked platforms (all Windows, all Unix, etc), but in a heterogenous or unreliable network installations I have yet to see it work perfectly.  There are too many different vendors, custom developed code, etc.  While not impossible, it is fairly complex compare to a simple password authentication system (which many vendors/programmers can't even implement correctly).

Microsoft, being a very large player, made Kerberos part of their Active Directory system.  However, being Microsoft, they extended and tweaked the implementation so that it would only work with Microsoft products (as they do with nearly everything - there are standards, then there are Microsoft standards Surprised).   Now to maintain their advantage, they use the DMCA to pummel anyone who dares try to integrate other systems with theirs.  This is not very conducive for wide spread SSO.

The point to all this is I wouldn't worry too much about a SSO implementation from the government anytime soon.  Companies have been trying to make this stuff work for a very long time and have lots of problems, do you really think government involvement would help this situation?  One of the main problems with SSO is that it requires highly reliable networks, synchronized clocks and tight integration with products from multiple vendors - and that's just not a reality today. 

For technology related issues, I highly recommend checking out the "Electronic Frontier Foundation" (EFF).  They cover lots of issues related to privacy, free speech, etc.  Most people have no idea how many of their rights are being taken away by legislation in the technology area.  It's the reason I minimize use of any Apple or Microsoft products - I consider them just as evil as Monsanto at trying to take away your liberty.

 

 

 

Johnny Oxygen's picture
Johnny Oxygen
Status: Diamond Member (Offline)
Joined: Sep 9 2009
Posts: 1443
Re: Single sign-on and the government

Thanks for the info rhare.

You are ever helpful Laughing

James White's picture
James White
Status: Member (Offline)
Joined: Mar 14 2011
Posts: 1
SSO for gov.

SSO or single sign-on has already been implemented, it is widely used especially for the US Army. It is very convenient as I do not have to keep signing in to each portal. So it is implemented in the government.

Ken C's picture
Ken C
Status: Platinum Member (Offline)
Joined: Feb 13 2009
Posts: 753
sso
James White wrote:

SSO or single sign-on has already been implemented, it is widely used especially for the US Army. It is very convenient as I do not have to keep signing in to each portal. So it is implemented in the government.

 

Yes, I too have SSO for the organization that I work for so that I have the same sign on for all software products for that installation. I think the point of this though is that SSO that the gov would want would be for all sites and software that you might use. I suspect that is a long way off, if ever.

 

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Login or Register to post comments