eTrust Single Sign-On
February 01, 2004
Computer Associates International, Inc.Product:
from $7,500 (100-user license)
- Ease of Use:
- Value for Money:
- Overall Rating:
Permits the real-time termination of a user's session at any time.
SSO is supported from Windows workstations only.
Combines session management with comprehensive SSO functionality across many applications, including web-based and legacy ones.
eTrust Single Sign-On is for the enterprise market and has three components – Policy Server, workstation client, and Policy Manager.
Policy Server, which runs on IBM AIX, HP-UX, Sun Solaris, or Windows, uses a database and directory structure based on the LDAP protocol. This database maintains details of which applications each user is permitted to access. The Policy Server supports multiple authentication methods, and stores users' login credentials for each application in its encrypted database. These are transparently delivered as required to each application via the user's browser or client software. The Policy Server manages a user's password collection and presents the appropriate one to applications as required.
To access web-based resources, credentials are stored as security tokens in encrypted cookies within the user's browser on a session-by session basis to prevent copying of credentials and impersonation. For other resources, including legacy applications, a workstation client acts as a transparent intermediary in the login process.
The Policy Manager enables the administrator to manage users' access rights and control user authorizations.
Users with similar rights can be organized in groups.
There is also a Session Manager which can be accessed from any web browser and provides management of sessions in progress, enabling administrators to view active sessions and terminate them.
The One Time Password (OTP) functionality increases eTrust SSO password security for UNIX applications that transmit passwords in clear text. When you log onto a remote server, OTP connects to it and changes your password so that anyone who intercepted the clear text password cannot use it again to access the server.
Because eTrust SSO mimics keyboard and mouse input from the user, any logon method that uses mouse or keyboard input is also supported.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report