Single Sign-On Application Architecture And Design

Single Sign-On Application Architecture And Design

Length: 1265 words (3.6 double-spaced pages)

Rating: Excellent

Open Document

Essay Preview

More ↓
Single Sign-on Application Architecture and Design
The subject matter of this paper is the integration of single sign-on based web architecture in place of the current design that provides multiple sites for company employees. Currently, employees wishing to access company related information are required to access approximately eight different websites and maintain records for different user names and passwords for each site. This paper will outline the design specifics that will be necessary for full integration and user functionality of the new web-based portal.
One of the initial design considerations when looking at this project was the overall network architecture that the new layout would require. Currently, users have the option to access seven of websites over a regular internet connection. The preferred browser that is used by users is Microsoft Internet Explorer. Users simply enter in the web URL and provide the required username and password when prompted. The other website is accessed via corporate VPN over a secured (https) internet connection. As with the other sites, the employees will be prompted for a username and password and then are granted access to the corporate intranet.
Since all facilities have active internet connections, the overall communications architecture is already in place for office users. As long as users are able to access a secured internet connection (https) then there should be no issue connecting to the VPN.
Once the new application architecture is implemented, employees will be required to run an internet browser (preferably IE6) with a minimum of 128-bit encryption. User will then browse to a secured URL through their web browser to establish a secure connection with the corporate VPN. This will require that each location's firewall be configured to pass all secured traffic over port 443. Once a secured connection is established, users will be prompted to login with either their username or clock number and their chosen password.
After successful authentication to the website, employees will be taken to the main graphical user interface. This interface is where the majority of user interaction will occur and intranet websites can be accessed. The layout will be composed of links to the eight websites to which users have access. Since authentication to the main corporate VPN has already taken place, each site will no longer require a separate username and password combination. Each website that the user browses to will host all information related to that site. Users will have the ease of returning to the main VPN homepage at anytime by clicking on the "home" tab that will be displayed on all pages.

How to Cite this Page

MLA Citation:
"Single Sign-On Application Architecture And Design." 08 Dec 2019

Need Writing Help?

Get feedback on grammar, clarity, concision and logic instantly.

Check your paper »

The Effect Of Ioe On The Conventional Practices Of Enterprise Architecture

- EA is constantly facing the effects of emerging technologies and concepts. IOE is no different. It also has a severe effect on EA. The conventional practices of EA are not able to scale and cater the transformation. Silo Frameworks and Reference models are becoming available for IOE to address the gaps between traditional EA and latest technologies. EA has to add new domain and disciplines to cover the new areas that IOE has opened up like Security and Data analytics. EA also requires transformation at various levels including framework, governance skills etc....   [tags: Enterprise architecture]

Research Papers
1620 words (4.6 pages)

Grad School Application Essay

- ... It led me to analyze the contribution of the physical environment. With the fabric mostly composed of user generated, mixed-use typologies, I took note of their adaptability and active engagement of the open, public spaces. I consider the Chandigarh experiment as an introduction of a new typology in the local context, to fork the evolving trajectories of urban models, a laboratory open for critique and assessment of its successes and failures. I took advantage of the opportunities provided during my undergraduate career to appraise the present performance of the city against the conceived, modernist planning ideals....   [tags: urbanism, architecture, modernism]

Research Papers
1118 words (3.2 pages)

How Robotics Expand The Range Of Production And Design Opportunities For Architects By Rising Potential For Greater Material Differentiation

- Made by robots is an Architectural Design publication were the research work done at ETH Zurich by Fabio Gramazio and Matthias Kohler is shown. The main question of this publication is how can robotics expand the range of production and design opportunities for architects by rising the potential for greater material differentiation and complexity of form. The research done by this two people also has a greater final objective, which is what are the possibilities for applying robotics in the architecture industry at the large scale....   [tags: Construction, Architecture, Robot, Robotics]

Research Papers
825 words (2.4 pages)

Essay on Architecture for Statistical Multiplexer

- Introduction Twenty-first century communications will be dominated by intelligent high-speed information networks. The rapid growth of high-speed networks has led to many technological as well as social developments. As the networks supporting these services shift from the experimental phase to commercial operation, the pricing of limited resources will become an important problem. In this paper, statistical Multiplexer with QOS parameter control is implemented using VLSI design technologies. In communications systems by far the most common form of multiplexing is that of time division multiplexing (TDM)....   [tags: VLSI,flow chat,QOS]

Research Papers
1304 words (3.7 pages)

A Sustainable Solution to the Process of Procuring Glulam Products Essays

- 1.0 Introduction 1.1 Executive Summary The profession of architecture in this country is faced with the reality that much of our industry is supported by practices which cause undeniable harm to the environment. The rapid growth of human activity into sensitive ecosystems; the support of unsustainable resource industries; the continued practice of designing buildings which do not meet sustainable design standards; all of these issues point to a profession unable to control its reliance on unsustainable practices....   [tags: Architecture]

Research Papers
1635 words (4.7 pages)

computer architecture Essay

- computer architecture Computer architecture covers the design of system software, such as the operating system (the program that controls the computer), as well as referring to the combination of hardware and basic software that links the machines on a computer network. Computer architecture refers to an entire structure and to the details needed to make it functional. Thus, computer architecture covers computer systems, microprocessors, circuits, and system programs. Typically the term does not refer to application programs, such as spreadsheets or word processing, which are required to perform a task but not to make the system run....   [tags: essays papers]

Free Essays
746 words (2.1 pages)

Wirelenss Mobile Networks: Design and Performance Essay

- Wireless networks become part of daily life. Day by day, every hotel, mall, cafe, restaurant etc. are covered by wireless internet zones. Not only laptop computers and PDAs are used to connect to wireless networks, but also some of the new mobile phones are also equipped with wireless network cards to connect to the wireless access points to get high-speed Internet access. In order to extend the limited range of wireless access points, multiple access points are deployed to the zones to compose wireless mesh networks....   [tags: Routers, Mesh, Internet]

Research Papers
696 words (2 pages)

Developing System-On- Chip Essay

- System architecture and design of the system of an SoC is the most important parts to be considered when developing system-on-chip applications. High density system integration, ……. Embedded computers typically have tight constraints on both functionality and implementation. In particular, they must guarantee real time operation reactive to external events, conform to size and weight limits, budget power and cooling consumption, satisfy safety and reliability requirements, and meet tight cost targets A. Typical Architecture of SoC Architecture of a system (SoC) is one of the key aspect that determine s its performance, functionality and the success of the system itself....   [tags: applications, integration, architecture]

Research Papers
776 words (2.2 pages)

Hardware/Software Co-design using Primitive Interface Essays

- Most engineering designs can be viewed as systems, i.e., as collections of several components whose combined operation provides useful services. Components can be heterogeneous in nature and their interaction may be regulated (5) by some simple or complex means. Interface between Hardware & Software plays a very important role in co-design of the embedded system. Hardware/software (7) co-design means meeting system-level objectives by exploiting the synergism of hardware and software through their concurrent design....   [tags: Information Technology ]

Research Papers
1155 words (3.3 pages)

Acoustical Problems in Theatrical Spaces: Acoustic Systems that can Help

- 1 Audible Architecture An exploration of the sound problems in theatrical spaces and how active acoustic systems can help. The architectural properties of a space are the most important contributor to its’ acoustical qualities. However, not every space is crafted perfectly in regards to acoustics, especially in the case of multipurpose performance spaces. This paper will look at the sound technologies available today and how they can be used to mediate and solve acoustical problems due to imperfections within the architecture....   [tags: Theater, Architecture, Sound]

Research Papers
2428 words (6.9 pages)

This will allow for easy navigation throughout all corporate intranet sites.
The web systems and sites will be hosted out of corporate headquarters and operate off clustered server suites running Microsoft IIS (Internet Information Services). A clustered environment will provide the fault tolerance and failover capabilities required to maintain product efficiency as well as provide the processing power required to handle large amounts of user activity simultaneously. According to, "…if one of the nodes in a cluster becomes unavailable as a result of failure or maintenance, another node immediately begins providing service, a process known as failover. Users who are accessing the service continue to access the service, and are unaware that it is now being provided from a different server (node)" (What's New in Clustering Technologies, 2004). This solution is necessary to maintain the projected uptime of near 99%. In addition, with redundant server capabilities, this will allow IT personnel to perform maintenance tasks on server related systems and applications with no noticeable impact on site users.
Single sign-on will be provided through a central authentication service (CAS) server located at corporate headquarters. This server is the main system that will allow users access to multiple sites under one username and password combination. The CAS is designed with a few goals in mind:
• To facilitate single-sign-on across multiple web applications, as well as to core services that aren't necessarily web-based but have web front end
• To simplify procedures that applications need to follow in order to perform authentication
• To localize actual "primary" authentication to a single web application, which makes it easier for users to safeguard their password and lets [corporate headquarters] change authentication logic if necessary without having to change numerous applications
Below is a diagram ( that outlines the basic input/output requirements for authentication through single sign-on authentication server:

So how does CAS work? "When…[the user]…logs into CAS, a cookie is saved in your browser. This cookie contains a unique ticket number that identifies you to the CAS server. Every time you access the site after you are logged in, your browser automatically transmits this cookie to the web server. CAS reads the cookie, looks up the ticket in its database, and identifies you" (Szorc, 2005). The central authentication server that is used in the organization will have tie-ins to the main Active Directory tree that is used by the organization. Since the organization is already running in a forest/domain model, the Active Directory database already takes advantage of secure updates and site replication. This will allow for easy maintenance and creation of user accounts and passwords and allow end-user configuration of login profiles and personal information.
Use of the Windows 2000/2003 Active Directory environment will also allow the IT department to integrate the security features that were requested. Through Group Policy, inactivity time out of 15 minutes can be set for remote users as well as the configuration and integration of auditing on all web related activities.
The websites that are currently external to the corporate intranet will need to be pulled from external source access and integrated to the internal IIS intranet server. Below are lists of the websites that will be realigned:
1. Benefits (medical, dental, vision, 401k, pension, etc.)
2. Corporate email (Outlook web access)
3. Employee Self Service
4. FSM Time Card
5. Knowledge Network Online
6. Learning Management System
These websites have already been coded and designed by internal company workers but will need tweaking and modification in order to run under the new single-sign on umbrella. Through the CAS server, as described above, these sites once put in place on the corporate VPN will need to be redesigned to take advantage of a centralized authentication source. One of the benefits of this project integration is that the majority of the redesign that would have been involved with actual design of these sites has already been completed. Below is a brief outline of how the communications, networks, and systems architecture will be setup and configured for this project:

Although this project may seem like a daunting task, the actual design and implementation should be completed rather smoothly. One of the key factors that will allow smooth implementation is that a lot of the communications infrastructure, both on the systems and networks side, is already in place and in a working state. With the implementation of a few other key additional systems, the redesign of corporate websites should be a seamless one. Not only will this allow the end-user to have a more enjoyable, easy-to-use access portal to corporate information but will also allow for a more functional work environment.

Newman, A. (2002). Its central authentication service
version 1.0). Retrieved Oct. 31, 2005, from Technology
& Planning Web site:
Szorc, G. (2005). Retrieved Oct. 31, 2005, from Central
Authentication Service Web site:
What's new in clustering technologies. (2004). Retrieved Oct. 31, 2005,
from Cluster Service (MSCS) Web site:
Return to