Symplified Offers Single Sign-On for the Cloud

 
 
By P. J. Connolly  |  Posted 2010-08-05 Email Print this article Print
 
 
 
 
 
 
 

Although directory services have been used in IT for years, bridging the gap between the corporate directory and the cloud is a chore that many prefer to avoid altogether. Symplified's SinglePoint SSO allows organizations to operate a hybrid of local and cloud identities, or even to migrate identity functions to the cloud.

Directory services may be old news, but they still represent an important part of the IT infrastructure. The question for many organizations is how to take an existing directory that grew up around locally served applications and services such as file and print, and use it with cloud-based services such as Google and Salesforce.com.

Too often, the answer is to avoid integration between local identities and the cloud. That choice, convenient as it may be in the short run, is likely to blow up in one's face someday. As cloud-based services proliferate, the potential only increases for trouble through a compromised user identity, or a dropped ball on the part of an administrator provisioning services for users.

Enter Symplified and its SinglePoint cloud-based single sign-on services, which were refreshed in summer 2010 with an array of new features designed to keep local user stores and cloud-based services on the same page. Symplified's approach to SSO makes heavy use of open-source technologies and methods such as SAML (Security Assertion Markup Language) and XACML (eXtensible Access Control Markup Language) to perform its chores.

Although the nature of cloud-based services makes it possible to slipstream new features into the mix, Symplified chose instead to implement an entirely new provisioning fabric for SinglePoint in July, implementing augmented synchronization and directory capabilities, and a service that allows companies to use Google and Salesforce.com as cloud-based directory services that can authenticate users in other applications.

The new Symplified Identity Vault can substitute for an on-premises directory service, and manage user identities as a cloud-based function, independent of any local infrastructure. For example, in a traditional portal environment, the IT group would maintain users within an LDAP directory; when the Identity Vault is implemented, the portal instead turns to Google or Salesforce.com for authentication, and uses the information supplied by the chosen service to deny or grant access.

For shops looking to migrate from the traditional locally served user authentication and authorization, or simply to offer a hybrid of local directory services and cloud-based services, Symplified Sync steps into the picture. Symplified Sync offers a way to bridge the gap between Microsoft Active Directory and the cloud, mapping user attributes defined in AD to cloud services as desired. In this first pass, Sync bridges between Active Directory and Google or Salesforce.com, but Symplified expects to include other cloud applications as demand requires.



 
 
 
 
P. J. Connolly began writing for IT publications in 1997 and has a lengthy track record in both news and reviews. Since then, he's built two test labs from scratch and earned a reputation as the nicest skeptic you'll ever meet. Before taking up journalism, P. J. was an IT manager and consultant in San Francisco with a knack for networking the Apple Macintosh, and his love for technology is exceeded only by his contempt for the flavor of the month. Speaking of which, you can follow P. J. on Twitter at pjc415, or drop him an email at pjc@eweek.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel