Liberty Alliance Case Study on SSOCircle published

English on February 28th, 2008 No Comments

“SSO for All: SSOCircle Makes Single Sign-On Available to Everyone” is the title of the recently published Case Study on SSOCircle. The study gives a very good overview of the features and objectives of SSOCircle.

Tags:

SSOCircle completed first year in operation today

English on January 28th, 2008 No Comments

We are celebrating the 1st anniversary of SSOCircle’s public launch. It is exciting to see how SSOCircle is adopted and that the subscriber base climbed to over 500 users despite of almost no marketing activities. For us it is important to note that 10 % of the users are actively trying to undertake their first SAML steps or test their ready-to-run Service Provider by integrating into the SSOCircle of Trust. Strong authentication is another well accepted feature which was introduced in mid 2007. People are enrolling their certificates and use it to improve authentication to a more secure level. This short résumé is also the right time to say thanks for their ideas and help to the OpenSSO community notably Pat Patterson and Paul C. Bryan, ZXID creator Sampo Kellomäki and the guys from RS-Computer in Hannover and Feitian in Beijing.

Tags:

Strong Two Factor Authentication with USB Hardware Smart Card Tokens

English on November 10th, 2007 No Comments

Continuing the road to secure strong authentication SSOCircle now supports USB hardware smart card tokens. These tokens are a combined smart card and smart card reader with a USB interface. Because of their small size, they can be easily attached to a key ring. Have you ever been worried using a public internet terminal ? Have you been bothered about a keystroke logger could be installed on the PC and is grabbing your passwords ? If yes, ePass USB smart card token is the perfect solution for you. SSOCircle offers now automatic enrollment of X.509 certificate to ePass USB tokens. Just enroll a certificate at SSOCircle.com, go to the internet cafe and insert the stick and single sign on to SSOCircle and all integrated Service Providers. After finishing your work, logout and remove the USB token and be 100% safe that nobody can grab your credentials and reuse it. The certificate store on the token can not be exported or copied from the stick. That’s simply the meaning of two factor authentication: one thing you know (the PIN of the token) and one thing you have (the token itself). Security made simple.

ePass tokens can be used driverless. For Firefox you only need to setup the security device. To ease that step we are now providing a Firefox addon. The addon probes for the PKCS11 libraries, creates the device and imports the SSOCircle CA certificates automatically.
But if you think that installing an addon is not feasible on a public terminal, read this: StorePass is a device with flash memory and a smart card on one device – and cool as it is – it doesn’t need a driver. So, just put your fully configured firefox on the flash, start the browser from the stick and off you go.

If you are looking for the ePass or the StorePass, please visit RS-Computer.

Technical note:
ePass2000ft11 tokens work on Windows Windows 98SE/Me/2000/XP/Server 2003/Vista, Linux and MacOS. For use with Firefox you just need the PKCS11 library but no additional drivers.
StorePass is a device combining flash storage and the ePass smart card functionality.
For more information and details visit RS-Computer.

Tags: , , , , , , ,

Strong Authentication and Public Key Infrastructure

English on August 18th, 2007 No Comments

As one of our main goals has always been the improvement of authentication security, SSOCircle is now offering Strong Authentication with X.509 Certificates and a PKI supporting automatic enrollment of Certificates. Using Certificate based authentication reduces the threat of Phishing ( a malicious site that pretends to be the login mask of someother and reads your password – no matter if it was encrypted over the wire or not ). With Certificate based LogIn there is no need to let your password travel over the network.

Tags: , , , ,

OpenID functionality updated

English on June 30th, 2007 No Comments

SSOCircle the first Identity Provider supporting SAML 2.0 and OpenID protocols now includes attribute exchange through OpenID Simple Registration Extension.
You are now able to share profile attributes ( like name or email address ) between the IDP and the Relying Party. You will be asked to confirm the transfer of attributes as soon as the service you are signing in is asking for it.
Thanks to Paul C. Bryan for making this possible.

Tags: , ,

SSOCircle integrates with Google Apps

English on April 15th, 2007 No Comments

With SSOCircle you can now experience Single Sign On to Google Apps: Email, Calendar, Docs and Spreadsheet plus a personalized portal page. See how it works and get your ssocircle.com email address.

Tags: ,

SSOCircle starts multiprotocol support

English on April 9th, 2007 No Comments

SSOCircle has started a pilot to support OpenID. You can now use your SSOCircle account at OpenID relying parties. Just type in <yourSSOCircleID>.ssocircle.com as your personal OpenID URL at the service site and experience SSO that opens up the SAML and the OpenID world.

Tags: ,

Additional management functionality available

English on April 7th, 2007 No Comments

User self administration pages now provide functionality for displaying and managing own profiles, SAML 2.0 account federations and OpenID trust settings.
Service Provider administrators now have an easy-to-use interface to import, list and remove SAML 2.0 Metadata.

Tags: , ,

New demo of a “pure” php saml 2.0 service provider

English on March 25th, 2007 No Comments

A new demo was launched at SSOCircle. The service provider has its own local user database and you can follow the steps from creating a local account to the linking of that account to your account at SSOCircle. The SP is based on lightbulb ( a OpenSSO extension ) and is written in “pure php”. From download.saml2.com it is available in preconfigured source.

Tags: , , , , ,

New Download Service Provider

English on March 4th, 2007 No Comments

You can now download a sample SAML 2.0 service provider and install it in your web server. The sample is a static linked C executable which is preconfigured to use SSOCircle as an IDP. You just need a few steps to adopt it to your site. The steps are outlined in solutions.
The download service provider is another sample how federation can ease deployments – and last but not least the download service provider is implemented in PERL leveraging the multi language support of ZXID.

Tags: , , , , , ,