Single Sign-On Summit
The 2008 SSO Summit is pleased to offer attendees and sponsors the Summit presentations and notes from the Discussion Groups. This information will be removed from this site on September 30, 2008. Please do not freely share this information.
Speaker Presentations
Bob Brandt - Security Architect, 3M
Download Presentation: Implementing Federated SSO at 3M
A presentation about the approach that 3M used to provide interoperable and cost-effective, simplified Single Sign-On (SSO) in its multi-vendor environment. Standardization towards federated SSO between companies’ environments and some current open challenges will also be discussed.
Andrew Cameron - Enterprise Architect for SSO Technologies, General Motors
Download Presentation: GM’s Experiences Implementing Single Sign On (SSO)
Implementing identity management systems and associated best practices in your organization can give you a real competitive advantage. This session will discuss GM’s global SSO strategy and implementation experiences. It will describe GM's journey including lessons learned and some war stories that will help ensure the success of Identity Management at any company. The focus of the discussion will be on GM’s experiences with SSO, Identity data, processes, adoption, roll out and future possibilities.
Todd Clayton - President and CEO, Coreblox
Download Presentation: Identity Integration: The Key to Successful SSO
The core value of Single-Sign-On (SSO) is to enable a user to authenticate once and gain access to the resources of multiple systems thereby increasing security and providing a simplified and unified experience for application users. Several solutions, particularly on the Web Access Management side, have addressed the challenge of SSO at the application layer. However, often overlooked is the "behind the scenes" requirement of identity integration in cases where identities and credentials exist in multiple repositories. Without the ability to correlate and synchronize data and expose a unified profile, users can not be properly identified and integrated into a unified system and SSO cannot be successfully deployed.
John Haggard - Board of Advisors, Passfaces
Presentation Download: History of SSO - A Perspective from the Original Front Lines
SSO is a story of extremes. The history of SSO is a story of extreme complexities, compromises, vulnerabilities, and unintended consequences. This presentation will examine; the beginnings of what today is known as SSO, how we got to where we are, and why this authentication pioneer sees the explosion in Web Services (apps) and XML-based standards (controls) as the driver behind Identity Federation and why SSO is finally being addressed properly.
Patrick Harding - CTO, Ping Identity
Organizations have been grappling to solve Single Sign-On - the 'holy grail' of identity management – for close to 30 years. From the time an organization added that second application their users have been forced to enter multiple credentials. Unfortunately, as technology has gone through phase shifts everyone always conveniently forgets how to address SSO. As such, new technologies have been required every few years to re-address the SSO problem - from Kerberos, to PKI, to Enterprise SSO (E-SSO), to Web Access Management, to Web Services SSO, to Identity Federation and onwards to User-Centric Identity. In this presentation Harding will differentiate between all these SSO technologies and describe how most, if not all of these technologies are still relevant to the enterprise today.
Richard Kneeley - Director, Technology Practice, Security Identity Management, PWC
Download Presentation: Federation: An Essential Tool for Chrysler
The existing environment utilized a variety of solutions to establish SSO to third party partners and across the global organization. On top of this, necessary initiatives were knowingly going to further impact existing internal SSO functionality. Recognizing all of the SSO needs, both internal to the organization and external to the organization, the inefficiencies of disparate SSO solutions, and the increasing demand for additional SSO agreements internal and external to the organization, a Federation strategy was developed as was an associated implementation roadmap. The implementation soon followed and to this point Federation has addressed the following key areas: SSO from a global supplier portal to enterprise applications, SSO from an employee facing portal to a remotely hosted time and expense system, and SSO internal to the organization for applications with incompatible security mechanisms. Future plans are currently in place to continue to replace dated, non-standards based mechanisms and to continue to integrate new partners via the centralized Federation infrastructure.
Dave Miller - CSO, Covisint
Download Presentation: Federated Identity Communities in Action
The development of communities of interest for business, government and healthcare is on the rise. These communities are sharing more and more data every day and often times they are comprised of competitors or organizations that are distrustful of each other. A new model has risen where in each of these types of communities "identity brokers" have allowed for this information sharing in a secure and auditable manner. This session will outline lessons learned in establishing these "identity brokers", along with best practices for "identity community systems".
Steve Miller - Identity Management Architect, Wyeth
Download Presentation: Implementing Federated SSO in the Pharmaceutical Industry
The presentation will provide an overview of the process and technology involved in implementing Federated Single Sign-On at Wyeth. The focus will be on the successful integration of Ping Identity's PingFederate with a Microsoft IIS Intranet and SAP Netweaver Portal using internally trusted identities. The presentation will also touch on future plans to extend SSO to other applications (eRoom, Documentum, WebEx, . . . ) and plans to evaluate leveraging the current infrastructure to begin trusting identities of key business partners.
Frank Morrow - Division Manager, Commonwealth of Pennsylvania
Download Presentation: SSO at the Commonwealth of Pennsylvania
A case study on secure single sign on to applications at the Commonwealth of Pennsylvania which are utilized by common user groups across multiple agencies of the government, including about 65,000 business users and over 200,000 residents of Pennsylvania. The presentation will cover the implementation at the enterprise as well as at two major agencies. The general architecture for identity management at the Commonwealth will also be discussed.
Gunnar Peterson - Principal, Arctec Group
Download Presentation: Web Services Single Sign-On: There and Back Again
What happens to your identity information and business data after you press "SUBMIT" on a website? These bits have a journey as dangerous as Frodo Baggins' travels through Mordor. This talk traces the path from the website through the perils that lurk in the enterprise and legacy systems. We will explore what threats are encountered along the way, and how to design a cost effective security architecture with Security Token Servers using open standards.
Ken Tyminski - Retired CISO, Prudential
Download Presentation: Enterprise Single Sign-On: What Every Security Executive Needs to Know
Many security managers who want to add enterprise single sign-on to their security framework to combat password fatigue, password inflation and related problems run into stumbling blocks in securing funding. Kenneth Tyminski, former chief information security officer for one of the country's largest financial services companies, will discuss the top five business drivers that can help convince corporate executives to earmark funds for an ESSO implementation. The discussion will also debunk the three main myths about single sign-on and offers a list of guidelines for organizations to use in determining whether they would benefit from an ESSO deployment.
Discussion Group Notes
Coming Soon!
