1 00:00:00,776 --> 00:00:13,745 Open source software that implements Single Sign On for web applications.

2 00:00:14,579 --> 00:00:32,639 Multi Sign On : Different applications present their own login form and have dif ferent username, passwords for each. 3 00:00:33,450 --> 00:00:44,510 Improve multi sign on by having one store credentials for each user. 4 00:00:45,354 --> 00:01:00,323 All applications presenting their own login form gets to touch end users passwor d. 5 00:01:01,368 --> 00:01:14,928 A central store with same username and password for all applications makes the u ser convenient. 6 00:01:15,271 --> 00:01:28,329 Any compromise among any of the applications leaks the private credentials. 7 00:01:29,872 --> 00:01:42,930 Adversary compromising one application can compromise all other applications. 8 00:01:43,074 --> 00:02:08,941 The password adversary is running off with is useful for authenticating all appl ications sharing same credentials. 9 00:02:39,178 --> 00:02:46,145 Idea is to get rid of individual applications login form. 10 00:02:47,279 --> 00:02:55,941 Instead use CAS and CAS login experience for authentication. 11 00:02:56,950 --> 00:03:28,713 Adversary might compromise one of the application which might be less or more ba d depending on the application. 12 00:03:29,053 --> 00:03:42,816 But with CAS and SSO the adversary doesnt get his hands on user's credentials. 13 00:03:43,955 --> 00:03:52,013 Because all the end users credentials are redirected to CAS. 14

00:03:53,458 --> 00:04:15,517 Presented By : Kavya and Madhushree .