Gartner Research

Decision Point for Reduced Sign-On

Published: 09 July 2012

ID: G00235088

Analyst(s): Ian Glazer , Gerry Gebel , Mark Diodati

Summary

Users complain, rightly, that they are faced with too many sign-on challenges as they go about their daily work routines. Architects attempting to address this problem may feel a little like the Greek mythological character Sisyphus. To help organizations get rolling in the right direction, this "Reduced Sign-On" Decision Point provides guidance for how to implement the many alternatives available to simplify the user environment. *The secondary authors listed above have been included for attribution purposes only. They were the original authors of this content, but were not involved in the latest update. As they are no longer employed at Gartner, please contact the lead author if you have questions.

Table Of Contents

Decision Point

Typical Requirements

  • Convenience vs. Risk Aggregation: Simplified, Reduced, or Single Sign-On
  • Managing Authentication Across Identity and Policy Domains
  • Increase Productivity
  • Reduce IT Costs
  • Develop RSO Strategy for All Constituencies
  • Provide Integration Point for Stronger Authentication
  • Enable Policy-Based Authentication

Alternatives

  • Password Management
  • E-SSO
  • Web SSO
  • Federation
  • Central LDAP Authentication
  • Extending NOS Login

Future Developments

  • Expanded Use of Federation
  • GINA Module Goes Away in Windows Vista
  • Broader Adoption of Web Services Applications

Evaluation Criteria

Statement & Basis for Position

  • Policy Considerations Position
    • Implement RSO.
    • Don't utilize RSO techniques.
  • Password Management Position
    • Consider password-management tools as a tactical step.
    • Do not reduce sign-on or use password management.
    • Seek to leverage RSO approaches.
  • RSO for Heterogeneous Applications Position
    • Use WAM solutions.
    • Use WAM or centralized LDAP authentication service.
    • Use E-SSO or centralized LDAP authentication service.
  • Extending Network Domain Login Position
    • Use the NOS authentication and session mechanisms for RSO.
    • Do not use the NOS directory for RSO.
  • Federation Protocols Position
    • Use federation.
    • Use any mechanisms that are suitable to the domain.

Relationship to Other Components

©2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client