Single Sign-On for Mobile
0 likes1,252 views
Layer 7's mobile single sign-on (SSO) solution offers secure authentication for enterprise applications, utilizing existing identity management systems and standards like OAuth 2.0 and OpenID Connect. It provides SDKs for iOS and Android, enabling developers to simplify the integration of secure access while enhancing user experience through features like multi-factor authentication, context-based authorizations, and device validation. The solution aims to reduce security risks associated with mobile access to enterprise data and services, while maintaining the flexibility and management capabilities needed for modern mobile applications.
Single Sign-On for Mobile
- 1. Single Sign‐On for Mobile Simplify Secure Mobile App Access to Enterprise Resources Layer 7’s solution for mobile Single Sign‐On (SSO) provides mobile enterprise applications with a secure method of authenticating and authorizing users against existing enterprise identity management infrastructure. The solution includes SDKs for most common platforms, including Android and iOS. The Challenge: Secure Mobile Access to the Enterprise Learn More About Layer 7’s Mobile Identity and authentication assurance needs to be balanced against the Access Solutions assets in use. When mobile apps leverage enterprise data and services, Phone the risk of security being compromised is increased. The cost goes +1‐800‐681‐9377 (toll free within North America) beyond a tarnished brand name – breaches can put a business at risk. or +1‐604‐681‐9377 Email The Solution: Mobile Single Sign‐On info@layer7.com Layer 7’s solution for mobile SSO simplifies the process through which Web apps require users to sign in to the enterprise. The solution leverages the www.layer7.com underlying security in a device’s operating system to effectively create a Facebook secure sign‐on container for apps. www.facebook.com/layer7 Twitter Layer 7 offers a complete end‐to‐end, standards‐based and proven @layer7 security solution for mobile SSO. This solution uses OAuth 2.0, OpenID Connect and JWT standards. Communication is secured through Layer 7’s SecureSpan Mobile Access Gateway. The Mobile Access Gateway is lightweight, low‐latency mobile middleware with integrated security and management controls designed to help enterprises safely and reliably expose internal assets to developers and remote apps, as mobile APIs. While the Gateway solves critical mobile‐specific identity, security, adaptation, optimization and integration challenges, the mobile SSO solution delivers SSO libraries for device developers. By providing a simple API consumption layer on the mobile platform, all the complex OAuth and OpenID Connect protocol handshakes between mobile device and Gateway are abstracted out. The mobile app obtains an access token using OAuth. The user context is shared across a group of applications via OpenID Connect. The client SDK is available for iOS and Android devices, while support for other platforms is planned for future releases. Copyright © 2013 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark are trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.
- 2. Features & Benefits Features Flexible architecture with hooks for optional trust bootstrap via crypto material from Multi‐layered approach external sources (SIM, OTP, CAC) to mobile security Multifactor authentication for high assurance level protection Policy configured per app, user or device to tailor use cases Continuous device validation through One Time Password (OTP), for device registration Validation of device Re‐registration procedure triggered by admin or usage patterns and user identity PKI provisioning Lost device tracking Track device activity (failed/successful) authentications and blockage from Track device location through GPS data or network services admin portal Revoke access to user, device and apps from admin view Integrate into Microsoft‐based security through Active Directory, ADFS and Claims Integration with existing Extend CA SiteMinder directory service to mobile clients backend identity Integrate with Oracle Access Management management systems Leverage LDAP directory services for client without custom client Benefits Sign in once for all enterprise apps under the same domain Simplify PKI‐based certificate delivery and provisioning to mobile devices Deploy OTP for a higher assurance level Mobile app security Enable multi‐factor authentication Integrate with HW security modules Enable context‐based authorizations Leverage client libraries to hide the complexity of OAuth and OpenID Connect Mobile developer Provide UI elements for user sign‐in enablement Enable cross‐device token sharing with devices in proximity Enhanced user experience (UX) Minimal password typing End user enablement Consistent UI for all enterprise apps across devices and best‐in‐class user Client‐side tooling skinned to service provider brand experience Transparent view of authorizations Control Center app to assist in SSO and enhanced features like cross‐device token sharing Access grant without browser redirection for authentication Leverage optimized tokens for mobile consumption Mobile Access optimization Ensure seamless flow of sign‐in session as user switches devices Integrate with enterprise identity services To learn more about Layer 7, call us today at +1‐800‐681‐9377 (toll free within North America) or +1‐604‐681‐9377. You can also: email us at info@layer7.com; friend us on Facebook at facebook.com/layer7; visit us at layer7.com; follow us on Twitter (@layer7). Copyright © 2013 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark are trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.