BAA federation, single sign-on user accounts

Forums General Discussion BAA federation, single sign-on user accounts

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #573400
    maloveday
    Participant

    Hi All,

    I just wondering what members opinion is on the idea of the BAA user login became a federated SSO service. Thus members/local affiliated groups could make their data available to other BAA members without needing to manage their own autherication service.

    It also adds a nice additional reason to be come and stay as a BAA member.

    There are a number of FOSS solutions available to us (see link below), so it would not be technologcally challenging – it is more of a logistical problem.

    So what do people think?

    Mark

     

    http://resources.infosecinstitute.com/saml-oauth-openid/ 

    #576718
    David Dunn
    Participant

    Mark,

    Do we really need this level of sophisication? In my experience of this sort of system, it is the maintenance workload that can be onerus. Is enough of our sharing that sensitive that we need to add this burden to the system. Would PGP not be a simpler alternative?

    Sorry if I sound negative. I see the need to protect so parts of the BAA business but I suggest some careful analysis of the costs/benefits before commiting to this solution.

    David

     

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.