In his session at the Cybersecurity for SAP Customers 2018 conference titled “Secure Authentication and Access Management with SAP Single Sign-On,” Kristian Lehment, senior product manager at SAP SE, provides an overview of the role of SAP Single Sign-On in secure authentication. He discusses the basics of the key technologies involved: Kerberos, X.509 certificates, and Security Assertion Markup Language (SAML). Lehment describes scenarios involved in safeguarding access management in the whole system environment. He then provides “more beef,” and describes advanced features including:
- Two-factor authentication, which requires a password and a physical device such as a cellphone
- Risk-based authentication: This risk-based approach balances security with usability. A dynamic approach that calls for the adjustment of the required authentication process during logon, it is based on contextual information and configurable rules.
- Secure Login Web Client (SLWC), which enables users to integrate an existing single sign-on solution for web and cloud applications with desktop clients. SLWC allows an authenticated browser session to trigger and monitor the desktop enrollment of a certificate.
- Digital signatures, which confirm that a document was created by a known sender and not tampered with during transmission. It also ensures that the sender cannot deny sending it.
- Secure Login Server (SLS) for mobile single sign-on with an X.509 digital
certificate technology. When the user accesses the SLWC page of the Secure Login Server, the session is authenticated using the standard SAML flow of the identity provider.
- SAP Single Sign-On for SAP Fiori clients on iOS using the SAP Authenticator app
- How to use the SAP Cloud Platform Identity Authentication service to support single sign-on from anywhere and on any device. This ensures simple and secure access to web-based applications with enterprise features such as password policies and easy consumer and partner onboarding via self-services.
You can learn more about SAP Single-Sign On at the Cybersecurity for SAP Customers 2018 conference, to be held in Prague from June 27 to 29. For more information, click here.