Single sign on SSO and federated identity

  • February 27, 2018 27 Feb'18

    New SAML vulnerability enables abuse of single sign-on

    Duo Security discovered a new SAML flaw affecting several single sign-on vendors that allows attackers to fool SSO systems and log in as other users without their passwords.

  • July 12, 2017 12 Jul'17

    Q&A: Ping CEO on contextual authentication, intelligent identity

    Ping Identity CEO Andre Durand talks with SearchSecurity about the data-driven move toward contextual authentication and intelligent identity and what this means for enterprises.

  • June 02, 2017 02 Jun'17

    Users' SSO information at risk after OneLogin security breach

    News roundup: OneLogin security breach puts SSO data at risk but is vague about the details. Plus, Gmail boosts its phishing detection features, and more.

  • January 12, 2016 12 Jan'16

    OAuth vulnerabilities must be fixed in the standard

    Researchers in Germany have found two OAuth vulnerabilities, which could allow attackers to break the authorization and authentication standard. And an expert said the fix must be made to the standard itself.

  • June 05, 2014 05 Jun'14

    OpenID Connect: Poised for greatness in enterprise authentication?

    Despite the popularity of SAML, the mobile and cloud benefits of OpenID Connect may spur adoption as an enterprise authentication platform.

  • September 30, 2008 30 Sep'08

    Sun launches open source OpenSSO for identity management

    Sun integrates access management, federation and secure Web services in its new OpenSSO Enterprise

  • June 26, 2008 26 Jun'08

    Startup Symplified delivers SSO in the cloud

    Mid-sized enterprises lack the money and expertise to implement identity management for Web-based services. Startup Symplified is banking on the software-as-a-service (SaaS) model as a solution.

  • April 02, 2008 02 Apr'08

    Kerberos security evolves for B2B, mobile tech

    Kerberos is a dominant authentication protocol, embedded in Windows, Solaris and multiple Linux flavors. But with new threats and new technology, an upgrade is in order.

  • March 12, 2008 12 Mar'08

    IBM acquires Encentuate for single sign-on software

    In a move to bolster its identity and access management capabilities, IBM has announced its acquisition of Encentuate, Inc., a private company in Redwood City, Calif.

  • February 08, 2008 08 Feb'08

    Security360: Identity management market

    Analyst Mark Diodati describes the leaders of the identity management market; IBM's Joe Anthony explains Big Blue's strategy and Novell's Dale Olds on user-centric identity.

  • December 10, 2007 10 Dec'07

    Top 10 access-related controls for PCI compliance

    Companies that identify, monitor, report and investigate audit trails and conduct risk analytics are taking the right steps to protect critical data, according to one expert.

  • September 05, 2007 05 Sep'07

    Flaws fixed in widely-used Kerberos program

    MIT has fixed a pair of flaws in its widely-used Kerberos program attackers could exploit to cause a buffer overflow and run malware on targeted machines.

  • February 05, 2007 05 Feb'07

    Integration migration

    Today John Swainson, president and chief executive officer of CA, will be making his first keynote speech at an RSA conference. Since joining CA in 2004, John has focused the company on its core strengths of systems, network, security and storage ...

  • June 28, 2006 28 Jun'06

    Looking ahead to life without passwords

    Security pros know that passwords are nothing but trouble. For them, single-sign on, two-factor authentication and federated ID represent the path to stronger authentication.

  • June 27, 2006 27 Jun'06

    Inside the numbers: Access (out of) control?

    In April, surveyed 358 IT professionals from a variety of industries regarding their identity and access management programs. Here is a look at some of the questions we asked and the answers they gave.