Network & Security

SSO Definitions

SSO (Single Sign-On): A process whereby credentials are entered only once and allow access to many separate systems without having to re-authenticate for the duration of the session.

Shibboleth: Software that implements SAML for providing single sign-on and federated identity management.

SAML (Security Assertion Markup Language): A protocol for securely communicating authentication and identity information in a federated environment.

Federation: A collection of organizations that have agreed to interoperate using a common set of rules, particularly in the areas of privacy and security.

SP (Service Provider): Broadly speaking, it is an application that provides some service to the end user. In a Shibboleth environment, it is the software that provides some access control and communicates with the IDP for identity information.

IDP (Identity Provider): The application that takes authentication information (commonly a username and password) and translates that into identity information (name, email, affiliations, etc.) which it provides to Service Providers based on defined policies.