Single sign-on / field of cryptography - Research Paper Example

Single sign-on field of cryptography Paper What are the goals of single sign-on for businesses? Single sign-on has revolutionized how businesses make use of authentication infrastructure to authenticate users in more than one devices. Today, there are many businesses systems that require customers to authenticate and verify their identity. With the number of business authentication systems increasing, single sign-on has become solutions to many issues (Davida et al., 2002). With single sign-on in place, customers can authenticate into a system once and use the authentication authority to access other systems that require authentication.

The adoption of single sign-on in business resonate with the goals of increasing user security, improving user experience and increasing ease of management. The primary goal of single sign-on is to improve the security of users in a business environment. Businesses entities such as corporations may require users to authenticate themselves before accessing systems such as mail servers, client-server applications or local directory services (Dubrawsky, 2009). With lack of a single sign-on, users may need to keep track of many passwords necessary to log into the different systems.

This practice could lead to compromise of security where malicious users access customer’s password. In addition, the use of a central database to store passwords could improve security where a business entity enforces specific password policies (De Clercq & Grillenmeier, 2007). Enforcing a uniform authentication policy is vital for increasing security of a business system. Another goal of single sign-on is improving user experiences by removing the need for multiple authentication. The number of systems that require authentication are ever increasing, and this implies that users require new usernames and password for authentication in the new system (Safavi-Naini et al., 2003). While the availability of new systems is desirable, users will have poor experiences if they have to authenticate to every single device or system.

It is the goal of businesses to improve the user experience by using single sign-on that allows users authenticate once and access more than one system or device. The implementation of single sign-on in business stems from the goal of improving management of information systems that require user authenticate. There are many aspects of systems that entail authorization and authentication, many of which require centralized management. For instance, business entities enforce policies on how users authenticate before gaining access into a system.

With a single sign-on, business can easily manage authentication and authorization because a single sign-on allows centralized management of rules or policies that govern authentication (Convery, 2004). This implies that businesses can improve their functions by enforcing desirable policies using single sign-on authentication systems rather than managing a distributed system that may require more than one authentication. Evidently, single sign-on allows businesses to achieve easy management of authentication resources in their business environment.

References Clercq, J. ., & Grillenmeier, G. (2007). Microsoft windows security fundamentals. Burlington, MA: Elsevier Digital Press. Convery, S. (2004). Network security architectures: [expert guidance on designing secure networks]. Indianapolis, Ind: Cisco Press. Davida, G., Frankel, Y., Rees, O., & International Conference on Infrastructure Security, InfraSec. (2002). Infrastructure security: International conference, InfraSec 2002, Bristil, UK, October 1-3, 2002: proceedings. Berlin: Springer.

Dubrawsky, I. (2009). The CompTIA Security + certification guide: Exam SYO-201. Burlington, MA: Elsevier. Safavi-Naini, R., ACISP, ACISP 2003, & Australasian Conference on Information Security and Privacy. (2003). Information security and privacy: 8th australasian conference; proceedings. Berlin:Springer. Paper 2: What are the common terms used in the field of cryptography? Cryptology is a field that has changed how users communicate information while hiding them from authorized access during the dissemination process.

Today, cryptography have grown into a robust area of study that provide an extensive array of knowledge on cryptography (Batten, 2012). In the study of encryption and related methods of creating ciphers and deciphers, there are many terms some of which are common and illustrate the extensive of this field. Some of the common terms are cryptosystem, cryptography, cryptanalysis & cryptology and plaintext. The term cryptography refers to the study that concern itself with the use of algorithms to conceal information.

A cryptographer applies the understanding of cryptography to conceal data using mathematical transformation (Kim & Solomon, 2011). While cryptography entails the study of how to conceal data, the term cryptanalysis denotes to the study of breaking cryptosystems that hide information (Klima & Sigmon, 2012). When an analyst could conceal information, cryptanalyst focus on breaking the cryptographic protection in a system. This term therefore, refers to the art of bypassing cryptographic techniques without the consent of the cryptographer.

A fundamental term in cryptography is cryptosystem. This term denotes a suite of algorithms necessary to accomplish a desirable implementation of encryption and decryption. Often, the suite consists of three algorithms necessary to produce a key, encrypt data and decrypt the enciphered data (Schmeh, 2003). The term cryptosystem thus refers to all the algorithms necessary to conceal information into a cipher text and apply another algorithm to reveal cipher text into plain text (Merkow, & Breithaupt, 2003).

This is a fundamental term used in cryptography that uses other terms such as cipher text, plain text and key. The term plain text is fundamental in the field of cryptography. This term refers to text that is in a human-readable format and is often the starting point of cryptography (Merkow, & Breithaupt, 2003). A cryptographer applies an algorithm to a plain text and convert it to cipher text, which hides the content of the message. The term cryptology is often used in the field of cryptography when analyst refer to both the cryptography and cryptanalysis.

This terms refer to the two terms above as it covers how to conceal information using algorithms and breaking into cryptographic protection by using various techniques of cryptanalysis (Oppliger, 2009). The term cryptology thus sums the process of designing cryptosystems to conceal information and the art of breaking cryptosystems to conceal hidden information. References Batten, L. M. (2012). Public key cryptography: Applications and attacks. Hoboken, N.J: John Wiley & Sons. Kim, D., & Solomon, M. (2011). Fundamentals of information systems security.

Sudbury, MA: Jones & Bartlett Learning. Klima, R. E. & Sigmon, N. P. (2012).Cryptology: Classical and Modern With Maplets. New York: CRC Press. Merkow, M., & Breithaupt, J. (2006). Introduction to Information Security Management Information Security: Principles and Practices. New York: Prentice Hall Oppliger, R. (2009). SSL and TLS: Theory and practice. Boston: Artech House. Schmeh, K. (2003). Cryptography and public key infrastructure on the Internet. Chichester, England: J. Wiley.