Glossary
S
Single sign-on (SSO) is an authentication process that allows users to access multiple applications and services with one set of login credentials. Enterprises typically use SSO to provide better user experience for accessing a variety of web, on-premises, and cloud apps. SSO can also give IT more control over user access, reduce password-related help desk calls, and improve security and compliance.
Secure Token Service (STS) is a service that can issue security tokens, validate security token claims, renew security tokens, and cancel security tokens. Because web services and requestors (consumers or clients) are typically deployed across different security domains and topologies, each domain may require a specific security token type to assert authenticated identities. STS service provides a way to exchange tokens across these different domains without re-authenticating or re-establishing trust relationships while allowing the requestor access to a web service's protected resources.
A session refers to any group of interactions between a user and an application that takes place within a given timeframe. A single session can contain multiple activities (such as page views, events, social interactions, and e-commerce transactions), all of which the session stores temporarily while the user is connected. When a user leaves a website, closes their browser, or session lifetime limits are reached the session ends.
Security Assertion Markup Language (SAML) is an open standard used to facilitate the exchange of authentication and authorization data between two systems, in particular, between an identity provider and a service provider. An identity provider is an entity within the system that provides authentication and ensures that the user really is who they claim to be. A service provider is an entity — generally, a server or other computer — within a system that helps the user access the services he or she wants.
A System for Cross-Domain Identity Management (SCIM) is an open standard for automating the exchange of user identity information between IT systems, designed to make user identity management in cloud-based applications easier. SCIM can be used to automatically provision, and deprovision user accounts in external systems, such as custom SAML apps.
The Public Key Infrastructure (PKI)-based smart cards enable organizations to use physical cards to control access to a resource. Smart cards are frequently implemented by government agencies to complying with government regulations, such as the Defense Federal Acquisition Regulation System (DFARS) and International Traffic in Arms Regulations (ITAR).
Social Login is a method of Single Sign-On (SSO) for end-users. Using their existing login information from a social network provider like Facebook, LinkedIn, or Google, users can sign into a third-party website instead of creating a new account specifically for that website. Social Login simplifies registrations and logins for end users.